CVE-2016-5353
Debian Security Advisory 3615-1
Severity Score
Exploit Likelihood
Affected Versions
16Public Exploits
0Exploited in Wild
-Decision
Descriptions
epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles the reserved C/T value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
epan/dissectors/packet-umts_fp.c en el disector UMTS FP en Wireshark 1.12.x en versiones anteriores a 1.12.12 y 2.x en versiones anteriores a 2.0.4 no maneja correctamente el valor reservado C/T, lo que permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) a través de un paquete manipulado.
Multiple vulnerabilities were discovered in the dissectors/parsers for PKTC, IAX2, GSM CBCH and NCP, SPOOLS, IEEE 802.11, UMTS FP, USB, Toshiba, CoSine, NetScreen, WBXML which could result in denial of service or potentially the execution of arbitrary code.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2016-06-09 CVE Reserved
- 2016-07-02 CVE Published
- 2024-08-06 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
CAPEC
References (7)
| URL | Tag | Source |
|---|---|---|
| http://www.openwall.com/lists/oss-security/2016/06/09/3 | Mailing List |
|
| http://www.oracle.com/technetwork/topics/security/bulletinjul2016-309056... | X_refsource_confirm |
|
| http://www.securityfocus.com/bid/91140 | Vdb Entry | |
| https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12191 | Issue Tracking | |
| https://github.com/wireshark/wireshark/commit/7d7190695ce2ff269fdffb04e8... | X_refsource_confirm |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.debian.org/security/2016/dsa-3615 | 2016-11-28 | |
| https://www.wireshark.org/security/wnpa-sec-2016-32.html | 2016-11-28 |