PT-2015-7130 · Wireshark+2 · Wireshark+2

Publicado

2015-08-11

Atualizado

2024-06-15

CVE-2015-6241

CVSS v2.0

4.3

Média

Vetor

AV:N/AC:M/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions Wireshark versions 1.12.x through 1.12.6

Description The issue is related to the proto tree add bytes item function in the protocol-tree implementation. It does not properly terminate a data structure after a failure to locate a number within a string. This allows remote attackers to cause a denial of service, resulting in an application crash, via a crafted packet.

Recommendations For Wireshark versions 1.12.x through 1.12.6, update to version 1.12.7 or later to resolve the issue.

Correção

DoS

RCE

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-20

Identificadores relacionados

ALT-PU-2015-1883

CVE-2015-6241

DSA-3367-1

OPENSUSE-SU-2024:10199-1

SUSE-SU-2015:1676-1

SUSE-SU-2015:1676-2

SUSE-SU-2015:1713-1

Produtos afetados

Alt Linux

Suse

Wireshark

PT-2015-7130 · Wireshark+2 · Wireshark+2

CVE-2015-6241

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 304