5

CVE-2015-2189

Off-by-one error in the pcapng_read function in wiretap/pcapng.c in the pcapng file parser in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via an invalid Interface Statistics Block (ISB) interface ID in a crafted packet.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
WiresharkWireshark Version1.10.0
WiresharkWireshark Version1.10.1
WiresharkWireshark Version1.10.2
WiresharkWireshark Version1.10.3
WiresharkWireshark Version1.10.4
WiresharkWireshark Version1.10.5
WiresharkWireshark Version1.10.6
WiresharkWireshark Version1.10.7
WiresharkWireshark Version1.10.8
WiresharkWireshark Version1.10.9
WiresharkWireshark Version1.10.10
WiresharkWireshark Version1.10.11
WiresharkWireshark Version1.10.12
WiresharkWireshark Version1.12.0
WiresharkWireshark Version1.12.1
WiresharkWireshark Version1.12.2
WiresharkWireshark Version1.12.3
OracleLinux Version7
OracleSolaris Version11.2
OpensuseOpensuse Version13.1
OpensuseOpensuse Version13.2
DebianDebian Linux Version7.0
DebianDebian Linux Version8.0
MageiaMageia Version4.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 4.6% 0.904
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
Third Party Advisory
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1460.html
http://lists.opensuse.org/opensuse-updates/2015-03/msg00038.html
Third Party Advisory
http://www.securitytracker.com/id/1031858
Third Party Advisory
VDB Entry
https://security.gentoo.org/glsa/201510-03
http://advisories.mageia.org/MGASA-2015-0117.html
Third Party Advisory
http://www.debian.org/security/2015/dsa-3210
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2015:183
Broken Link
http://www.securityfocus.com/bid/72944
http://www.wireshark.org/security/wnpa-sec-2015-08.html
Vendor Advisory
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10895
Issue Tracking
https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=a835c85e3d662343d7283f1dcdacb8a11d1d0727