CVE-2016-4419

Publication date 1 May 2016

Last updated 25 August 2025

Ubuntu priority

Low

Why this priority?

Cvss 3 Severity Score

5.9 · Medium

Score breakdown

Description

epan/dissectors/packet-spice.c in the SPICE dissector in Wireshark 2.x before 2.0.2 mishandles capability data, which allows remote attackers to cause a denial of service (large loop) via a crafted packet.

Read the notes from the security team

Status

Package Ubuntu Release Status
wireshark 16.04 LTS xenial
Not affected
15.10 wily
Not affected
14.04 LTS trusty
Not affected
12.04 LTS precise
Not affected

Notes

sbeattie

only affects wireshark 2.0.x

Severity score breakdown

CVSS version: CVSS v3.0

Base score 5.9 · Medium

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

References

Other references

Access our resources on patching vulnerabilities