5

CVE-2015-2188

epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet that is improperly handled during decompression.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
WiresharkWireshark Version1.10.0
WiresharkWireshark Version1.10.1
WiresharkWireshark Version1.10.2
WiresharkWireshark Version1.10.3
WiresharkWireshark Version1.10.4
WiresharkWireshark Version1.10.5
WiresharkWireshark Version1.10.6
WiresharkWireshark Version1.10.7
WiresharkWireshark Version1.10.8
WiresharkWireshark Version1.10.9
WiresharkWireshark Version1.10.10
WiresharkWireshark Version1.10.11
WiresharkWireshark Version1.10.12
WiresharkWireshark Version1.12.0
WiresharkWireshark Version1.12.1
WiresharkWireshark Version1.12.2
WiresharkWireshark Version1.12.3
MageiaMageia Version4.0
OpensuseOpensuse Version13.1
OpensuseOpensuse Version13.2
DebianDebian Linux Version7.0
DebianDebian Linux Version8.0
OracleLinux Version7
OracleSolaris Version11.2
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 4.42% 0.902
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
Third Party Advisory
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2015-03/msg00038.html
Third Party Advisory
http://www.securitytracker.com/id/1031858
Third Party Advisory
VDB Entry
https://security.gentoo.org/glsa/201510-03
http://advisories.mageia.org/MGASA-2015-0117.html
Third Party Advisory
http://www.debian.org/security/2015/dsa-3210
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2015:183
Broken Link
http://www.securityfocus.com/bid/72942
http://www.wireshark.org/security/wnpa-sec-2015-07.html
Vendor Advisory
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10844
Issue Tracking
https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=b204ff4846fe84b7789893c6b1d9afbdecac5b5d