PT-2016-3984 · Wireshark · Wireshark
Mateusz Jurczyk
·
Published
2016-01-04
·
Updated
2024-06-15
·
CVE-2015-8736
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Wireshark versions 2.0.0 through 2.0.1
Description
The issue is related to a denial of service caused by a stack-based buffer overflow and application crash. This can be triggered by remote attackers via a crafted file. The
mp2t find next pcr function in wiretap/mp2t.c does not reserve memory for a trailer, leading to the overflow.Recommendations
For Wireshark versions 2.0.0 through 2.0.1, update to version 2.0.1 or later to resolve the issue.
Exploit
Fix
DoS
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Wireshark