5

CVE-2015-0562

Multiple use-after-free vulnerabilities in epan/dissectors/packet-dec-dnart.c in the DEC DNA Routing Protocol dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 allow remote attackers to cause a denial of service (application crash) via a crafted packet, related to the use of packet-scope memory instead of pinfo-scope memory.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
WiresharkWireshark Version1.10.0
WiresharkWireshark Version1.10.1
WiresharkWireshark Version1.10.2
WiresharkWireshark Version1.10.3
WiresharkWireshark Version1.10.4
WiresharkWireshark Version1.10.5
WiresharkWireshark Version1.10.6
WiresharkWireshark Version1.10.7
WiresharkWireshark Version1.10.8
WiresharkWireshark Version1.10.9
WiresharkWireshark Version1.10.10
WiresharkWireshark Version1.10.11
WiresharkWireshark Version1.12.0
WiresharkWireshark Version1.12.1
WiresharkWireshark Version1.12.2
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.65% 0.836
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
http://rhn.redhat.com/errata/RHSA-2015-1460.html
http://lists.opensuse.org/opensuse-updates/2015-01/msg00053.html
http://secunia.com/advisories/62612
http://advisories.mageia.org/MGASA-2015-0019.html
http://secunia.com/advisories/62673
http://www.debian.org/security/2015/dsa-3141
http://www.mandriva.com/security/advisories?name=MDVSA-2015:022
http://www.securityfocus.com/bid/71921
http://www.wireshark.org/security/wnpa-sec-2015-03.html
Vendor Advisory
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10724
https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=a559f2a050947f793c00159c0cd4d30f403f217c