Published: 10/10/2017 Updated: 07/11/2023

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

In Wireshark 2.4.0 to 2.4.1, 2.2.0 to 2.2.9, and 2.0.0 to 2.0.15, the DMP dissector could crash. This was addressed in epan/dissectors/packet-dmp.c by validating a string length.

Vulnerable Product	Search on Vulmon	Subscribe to Product
wireshark wireshark
debian debian linux 8.0

In Wireshark 240 to 241, 220 to 229, and 200 to 2015, the DMP dissector could crash This was addressed in epan/dissectors/packet-dmpc by validating a string length ...

A length check flaw has been discovered in wireshark before 242 in the BT ATT dissector when 7bit strings were decoded leading to application crash by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file ...

CWE-134 https://www.wireshark.org/security/wnpa-sec-2017-44.html https://code.wireshark.org/review/23591 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14068 http://www.securityfocus.com/bid/101227 https://lists.debian.org/debian-lts-announce/2019/01/msg00010.html https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=8dbb21dfde14221dab09b6b9c7719b9067c1f06e https://nvd.nist.gov https://access.redhat.com/security/cve/cve-2017-15191 https://security.archlinux.org/CVE-2017-15191

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2017-15191

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect