CVE-2013-3559
EPSS 5.0%
Description
epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.8.x before 1.8.7 uses incorrect integer data types, which allows remote attackers to cause a denial of service (integer overflow, and heap memory corruption or NULL pointer dereference, and application crash) via a malformed packet.
How to fix CVE-2013-3559
To remediate CVE-2013-3559, upgrade the affected package to a fixed version below.
- Debian/wireshark—upgrade to 1.8.7-1 or later
Is CVE-2013-3559 being exploited?
Moderate — EPSS is 5.0%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (1)
- from 0, < 1.8.7-1