PT-2016-3984 · Wireshark · Wireshark
Mateusz Jurczyk
·
Publicado
2016-01-04
·
Atualizado
2024-06-15
·
CVE-2015-8736
CVSS v3.1
5.5
Média
| Vetor | AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Wireshark versions 2.0.0 through 2.0.1
Description
The issue is related to a denial of service caused by a stack-based buffer overflow and application crash. This can be triggered by remote attackers via a crafted file. The
mp2t find next pcr function in wiretap/mp2t.c does not reserve memory for a trailer, leading to the overflow.Recommendations
For Wireshark versions 2.0.0 through 2.0.1, update to version 2.0.1 or later to resolve the issue.
Exploit
Correção
DoS
RCE
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Wireshark