Unrated severityNVD Advisory· Published Mar 7, 2013· Updated Jun 16, 2026
CVE-2013-2488
CVE-2013-2488
Description
The DTLS dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 does not validate the fragment offset before invoking the reassembly state machine, which allows remote attackers to cause a denial of service (application crash) via a large offset value that triggers write access to an invalid memory location.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
27cpe:2.3:a:wireshark:wireshark:1.6.0:*:*:*:*:*:*:*+ 20 more
- cpe:2.3:a:wireshark:wireshark:1.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.6.10:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.6.11:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.6.12:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.6.13:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.6.2:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.6.3:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.6.4:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.6.5:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.6.6:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.6.7:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.6.8:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.6.9:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.8.2:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.8.3:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.8.4:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.8.5:*:*:*:*:*:*:*
- (no CPE)range: <1.6.14, <1.8.6
Patches
Vulnerability mechanics
References
10- anonsvn.wireshark.org/viewvcnvdVendor Advisory
- www.wireshark.org/docs/relnotes/wireshark-1.6.14.htmlnvdVendor Advisory
- www.wireshark.org/docs/relnotes/wireshark-1.8.6.htmlnvdVendor Advisory
- www.wireshark.org/security/wnpa-sec-2013-22.htmlnvdVendor Advisory
- lists.opensuse.org/opensuse-updates/2013-03/msg00065.htmlnvd
- lists.opensuse.org/opensuse-updates/2013-03/msg00077.htmlnvd
- secunia.com/advisories/52471nvd
- www.debian.org/security/2013/dsa-2644nvd
- bugs.wireshark.org/bugzilla/show_bug.cginvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16672nvd
News mentions
0No linked articles in our index yet.