Published: 04/01/2016 Updated: 07/11/2023

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

The dissect_dcom_OBJREF function in epan/dissectors/packet-dcom.c in the DCOM dissector in Wireshark 1.12.x prior to 1.12.9 does not initialize a certain IPv4 data structure, which allows remote malicious users to cause a denial of service (application crash) via a crafted packet.

Vulnerable Product	Search on Vulmon	Subscribe to Product
wireshark wireshark 1.12.4
wireshark wireshark 1.12.5
wireshark wireshark 1.12.0
wireshark wireshark 1.12.2
wireshark wireshark 1.12.1
wireshark wireshark 1.12.7
wireshark wireshark 1.12.6
wireshark wireshark 1.12.3
wireshark wireshark 1.12.8

Multiple vulnerabilities were discovered in the dissectors/parsers for Pcapng, NBAP, UMTS FP, DCOM, AllJoyn, T38, SDP, NLM, DNS, BED, SCTP, 80211, DIAMETER, VeriWave, RVSP, ANSi A, GSM A, Ascend, NBAP, ZigBee ZCL and Sniffer which could result in denial of service For the oldstable distribution (wheezy), these problems have been fixed in version ...

The dissect_dcom_OBJREF function in epan/dissectors/packet-dcomc in the DCOM dissector in Wireshark 112x before 1129 does not initialize a certain IPv4 data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet ...

CWE-20 http://www.wireshark.org/security/wnpa-sec-2015-33.html https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11610 http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html http://www.securityfocus.com/bid/79816 https://security.gentoo.org/glsa/201604-05 http://www.debian.org/security/2016/dsa-3505 http://www.securitytracker.com/id/1034551 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=d34267d0503a67235bf259fd2f2f2d2bb8b18cf5 https://www.debian.org/security/./dsa-3505 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2015-8714

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect