CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-2532

The dissect_llrp_parameters function in epan/dissectors/packet-llrp.c in the LLRP dissector in Wireshark 1.12.x before 1.12.10 and 2.0.x before 2.0.2 does not limit the recursion depth, which allows remote attackers to cause a denial of service (memory consumption or application crash) via a crafted packet.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.008

EPSS Ranking 73.2%

CVSS Severity

CVSS v3 Score 5.9

CVSS v2 Score 4.3

References

Products affected by CVE-2016-2532

Wireshark » Wireshark » Version: 1.12.0

cpe:2.3:a:wireshark:wireshark:1.12.0
Wireshark » Wireshark » Version: 1.12.1

cpe:2.3:a:wireshark:wireshark:1.12.1
Wireshark » Wireshark » Version: 1.12.2

cpe:2.3:a:wireshark:wireshark:1.12.2
Wireshark » Wireshark » Version: 1.12.3

cpe:2.3:a:wireshark:wireshark:1.12.3
Wireshark » Wireshark » Version: 1.12.4

cpe:2.3:a:wireshark:wireshark:1.12.4
Wireshark » Wireshark » Version: 1.12.5

cpe:2.3:a:wireshark:wireshark:1.12.5
Wireshark » Wireshark » Version: 1.12.6

cpe:2.3:a:wireshark:wireshark:1.12.6
Wireshark » Wireshark » Version: 1.12.7

cpe:2.3:a:wireshark:wireshark:1.12.7
Wireshark » Wireshark » Version: 1.12.8

cpe:2.3:a:wireshark:wireshark:1.12.8
Wireshark » Wireshark » Version: 1.12.9

cpe:2.3:a:wireshark:wireshark:1.12.9
Wireshark » Wireshark » Version: 2.0.0

cpe:2.3:a:wireshark:wireshark:2.0.0
Wireshark » Wireshark » Version: 2.0.1

cpe:2.3:a:wireshark:wireshark:2.0.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-2532

Products

Pricing

Contact Us