Integer Overflow Vulnerability in Wireshark RELOAD Dissector

Integer Overflow Vulnerability in Wireshark RELOAD Dissector

CVE-2013-2486 · MEDIUM Severity

AV:A/AC:L/AU:N/C:N/I:N/A:C

The dissect_diagnosticrequest function in epan/dissectors/packet-reload.c in the REsource LOcation And Discovery (aka RELOAD) dissector in Wireshark 1.8.x before 1.8.6 uses an incorrect integer data type, which allows remote attackers to cause a denial of service (infinite loop) via crafted integer values in a packet.

Learn more about our Web Application Penetration Testing UK.