Base Score

MEDIUM5.9

CVE-2016-6507

epan/dissectors/packet-mmse.c in the MMSE dissector in Wireshark 1.12.x before 1.12.13 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.

VectorNETWORK

Published Bycve@mitre.org

Published DateAug 06, 2016, 23:59

Weakness Type (CWE):CWE-399

CVSS Metrics

Base Score

5.9

Vector String

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Base Severity

MEDIUM

Version

3.0

Attack Vector (AV)

NETWORK

Attack Complexity (AC)

HIGH

Privileges Required (PR)

NONE

User Interaction (UI)

NONE

Scope (S)

UNCHANGED

Confidentiality (C)

NONE

Integrity (I)

NONE

Availability (A)

HIGH

References

http://openwall.com/lists/oss-security/2016/07/28/3
http://www.debian.org/security/2016/dsa-3648
http://www.securitytracker.com/id/1036480
http://www.wireshark.org/security/wnpa-sec-2016-43.html
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12624
https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=b5a10743258bd016c07ebf6479137fda3d172a0f

Base Score

MEDIUM5.9

Weakness Type (CWE):CWE-399

CVSS Metrics

Base Score

5.9

Vector String

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Base Severity

MEDIUM

Version

3.0

Attack Vector (AV)

NETWORK

Attack Complexity (AC)

HIGH

Privileges Required (PR)

NONE

User Interaction (UI)

NONE

Scope (S)

UNCHANGED

Confidentiality (C)

NONE

Integrity (I)

NONE

Availability (A)

HIGH