CVE-2016-9374

See a problem?

Source

https://nvd.nist.gov/vuln/detail/CVE-2016-9374

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-9374.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2016-9374

Related

Published

2016-11-17T05:59:03Z

Modified

2024-09-11T04:09:12.533914Z

Severity

5.9 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the AllJoyn dissector could crash with a buffer over-read, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-alljoyn.c by ensuring that a length variable properly tracked the state of a signature variable.

References

Affected packages

Debian:11 / wireshark

Package

Name: wireshark
Purl: pkg:deb/debian/wireshark?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.2.2+g9c5aae3-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / wireshark

Package

Name: wireshark
Purl: pkg:deb/debian/wireshark?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.2.2+g9c5aae3-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / wireshark

Package

Name: wireshark
Purl: pkg:deb/debian/wireshark?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.2.2+g9c5aae3-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/wireshark/wireshark

Affected ranges

Type: GIT
Repo: https://github.com/wireshark/wireshark
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

5368c50be46d4a44986d12bdfc0a35b42c0f34fc

Last affected

59ea380c69dca2bc2f97fa97c1bf410bbcd2411c

Last affected

9a73b827b22c7ce9132e939b9f07ec4425fc2aa6

Last affected

a16e22ed9cbbc599fe8b7b8e40a6696a0138c489

Last affected

a3be9c6de540ae1fade63568cc77d928b3c52ef7

Last affected

a6fbd278e2d72ed3524995464c86929b51867802

Last affected

d0e42d78193cfacd1022656cd8dad7fc222e6dbc

Last affected

daac0f493f09ff68e194a30bf0f5318db96b99cd

Last affected

dd7746e6f1b034048cd986ca6f44291e712cc1fc

Last affected

eed34f0ac6696c053585ddf75c5805b3d5b395cf

Affected versions

Other

backups/ethereal@18706

ethereal-0-3-15

start

ethereal-0.*

ethereal-0.3.15

v1.*

v1.11.0

v1.11.0-rc1

v1.11.1

v1.11.1-rc1

v1.11.2

v1.11.2-rc1

v1.11.3

v1.11.3-rc1

v1.11.4-rc1

v1.99.0

v1.99.0-rc1

v1.99.1

v1.99.10rc0

v1.99.1rc0

v1.99.2

v1.99.2rc0

v1.99.3

v1.99.3rc0

v1.99.4

v1.99.4rc0

v1.99.5

v1.99.5rc0

v1.99.6

v1.99.6rc0

v1.99.7

v1.99.7rc0

v1.99.8

v1.99.8rc0

v1.99.9

v1.99.9rc0

v2.*

v2.0.0

v2.0.0rc0

v2.0.0rc1

v2.0.0rc2

v2.0.0rc3

v2.0.1

v2.0.1rc0

v2.1.0

v2.1.0rc0

v2.1.1

v2.1.1rc0

v2.1.2rc0

v2.2.0

v2.2.0rc0

v2.2.0rc1

v2.2.0rc2

wireshark-1.*

wireshark-1.11.3

wireshark-1.99.0

wireshark-1.99.1

wireshark-1.99.2

wireshark-1.99.3

wireshark-1.99.4

wireshark-1.99.5

wireshark-1.99.6

wireshark-1.99.7

wireshark-1.99.8

wireshark-1.99.9

wireshark-2.*

wireshark-2.0.0

wireshark-2.0.1

wireshark-2.1.0

wireshark-2.1.1

wireshark-2.2.0

wireshark-2.2.0rc1

wireshark-2.2.0rc2