Published: 11/03/2014 Updated: 07/11/2023

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

epan/dissectors/packet-rlc in the RLC dissector in Wireshark 1.8.x prior to 1.8.13 and 1.10.x prior to 1.10.6 uses inconsistent memory-management approaches, which allows remote malicious users to cause a denial of service (use-after-free error and application crash) via a crafted UMTS Radio Link Control packet.

Vulnerable Product	Search on Vulmon	Subscribe to Product
wireshark wireshark 1.8.10
wireshark wireshark 1.8.6
wireshark wireshark 1.8.2
wireshark wireshark 1.8.9
wireshark wireshark 1.8.11
wireshark wireshark 1.8.3
wireshark wireshark 1.8.1
wireshark wireshark 1.8.12
wireshark wireshark 1.8.7
wireshark wireshark 1.8.0
wireshark wireshark 1.8.4
wireshark wireshark 1.8.5
wireshark wireshark 1.8.8
wireshark wireshark 1.10.0
wireshark wireshark 1.10.3
wireshark wireshark 1.10.2
wireshark wireshark 1.10.1
wireshark wireshark 1.10.4
wireshark wireshark 1.10.5

Debian Bug report logs - #776135 wireshark: Multiple security issues in 1122 and prior versions Package: wireshark; Maintainer for wireshark is Balint Reczey <rbalint@ubuntucom>; Source for wireshark is src:wireshark (PTS, buildd, popcon) Reported by: balint@balintreczeyhu Date: Sat, 24 Jan 2015 10:51:01 UTC Severity: ...

Debian Bug report logs - #780372 CVE-2015-2187 CVE-2015-2188 CVE-2015-2189 CVE-2015-2190 CVE-2015-2191 CVE-2015-2192 Package: wireshark; Maintainer for wireshark is Balint Reczey <rbalint@ubuntucom>; Source for wireshark is src:wireshark (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <jmm@debianorg> Date: Th ...

Multiple vulnerabilities were discovered in Wireshark: CVE-2014-2281 Moshe Kaplan discovered that the NFS dissector could be crashed, resulting in denial of service CVE-2014-2283 It was discovered that the RLC dissector could be crashed, resulting in denial of service CVE-2014-2299 Wesley Neelen discovered a buffer overflow i ...

Two flaws were found in Wireshark If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark (CVE-2014-2281, CVE-2014-2299) Several denial of service flaws were found in Wireshark Wireshark could crash or stop responding if it read a malfor ...

epan/dissectors/packet-rlc in the RLC dissector in Wireshark 18x before 1813 and 110x before 1106 uses inconsistent memory-management approaches, which allows remote attackers to cause a denial of service (use-after-free error and application crash) via a crafted UMTS Radio Link Control packet ...

NVD-CWE-Other http://www.wireshark.org/security/wnpa-sec-2014-03.html https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9730 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9802 http://www.debian.org/security/2014/dsa-2871 http://lists.opensuse.org/opensuse-updates/2014-03/msg00047.html http://lists.opensuse.org/opensuse-updates/2014-03/msg00046.html http://secunia.com/advisories/57480 http://secunia.com/advisories/57489 http://rhn.redhat.com/errata/RHSA-2014-0342.html http://www.securitytracker.com/id/1029907 https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_wireshark10 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=217293ba4a0353bf5d657e74fe8623dd3c86fe08 https://nvd.nist.gov https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776135 https://access.redhat.com/security/cve/cve-2014-2283 https://www.debian.org/security/./dsa-2871

CVE-2014-2283

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect