Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2015-8726

Опубликовано: 04 янв. 2016
Источник: debian

Описание

wiretap/vwr.c in the VeriWave file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate certain signature and Modulation and Coding Scheme (MCS) data, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
wiresharkfixed2.0.1+g59ea380-1package
wiresharknot-affectedwheezypackage
wiresharknot-affectedsqueezepackage

Примечания

  • https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b8fa3d463c1bdd9b84c897441e7a5c8ad1f0f292

  • https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=185911de7d337246044c8e99da2f5b4bac74c0d5

  • https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11791

  • https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11789

  • http://www.wireshark.org/security/wnpa-sec-2015-44.html

Связанные уязвимости

ubuntu логотип

CVE-2015-8726

CVSS3: 5.5
ubuntu
около 10 лет назад

wiretap/vwr.c in the VeriWave file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate certain signature and Modulation and Coding Scheme (MCS) data, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.

redhat логотип

CVE-2015-8726

redhat
около 10 лет назад

wiretap/vwr.c in the VeriWave file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate certain signature and Modulation and Coding Scheme (MCS) data, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.

nvd логотип

CVE-2015-8726

CVSS3: 5.5
nvd
около 10 лет назад

wiretap/vwr.c in the VeriWave file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate certain signature and Modulation and Coding Scheme (MCS) data, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.

github логотип

GHSA-xvf3-2285-frhr

CVSS3: 5.5
github
больше 3 лет назад

wiretap/vwr.c in the VeriWave file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate certain signature and Modulation and Coding Scheme (MCS) data, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.

suse-cvrf логотип

openSUSE-SU-2016:0054-1

suse-cvrf
около 10 лет назад

Security update for wireshark