Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2015-3813

Published: 26/05/2015 Updated: 07/11/2023
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Subscribe to Wireshark

Vulnerability Summary

The fragment_add_work function in epan/reassemble.c in the packet-reassembly feature in Wireshark 1.12.x prior to 1.12.5 does not properly determine the defragmentation state in a case of an insufficient snapshot length, which allows remote malicious users to cause a denial of service (memory consumption) via a crafted packet.

Vulnerable Product Search on Vulmon Subscribe to Product

wireshark wireshark 1.12.4

wireshark wireshark 1.12.0

wireshark wireshark 1.12.2

wireshark wireshark 1.12.1

wireshark wireshark 1.12.3

Vendor Advisories

Red Hat: Moderate: wireshark security and bug fix update
Synopsis Moderate: wireshark security and bug fix update Type/Severity Security Advisory: Moderate Topic An update for wireshark is now available for Red Hat Enterprise Linux 6Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS ...
Debian Security Advisories: DSA-3277-1 wireshark -- security update
Multiple vulnerabilities were discovered in the dissectors/parsers for LBMR, web sockets, WCP, X11, IEEE 80211 and Android Logcat, which could result in denial of service For the oldstable distribution (wheezy), these problems have been fixed in version 182-5wheezy16 For the stable distribution (jessie), these problems have been fixed in versi ...
Amazon Linux AMI: ALAS-2017-813
Several denial of service flaws were found in Wireshark Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file ...

References

CWE-399http://www.wireshark.org/security/wnpa-sec-2015-16.htmlhttps://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11129http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.htmlhttp://www.securityfocus.com/bid/74633http://www.debian.org/security/2015/dsa-3277https://security.gentoo.org/glsa/201510-03http://rhn.redhat.com/errata/RHSA-2017-0631.htmlhttps://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=c35f2ccb4433718416551cc7a85afb0860529d57https://access.redhat.com/errata/RHSA-2017:0631https://nvd.nist.govhttps://www.debian.org/security/./dsa-3277
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-21987buffer overflowCVE-2024-28890CVE-2024-27574CVE-2024-27347CVE-2024-31450privilegeSSTICVE-2024-31666
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook