Lucene search

K

MitreCVELIST:CVE-2015-8722

HistoryJan 04, 2016 - 2:00 a.m.

CVE-2015-8722

2016-01-0402:00:00

mitre

www.cve.org

5.3 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

52.8%

epan/dissectors/packet-sctp.c in the SCTP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the frame pointer, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet.

References

www.debian.org/security/2016/dsa-3505

www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html

www.securityfocus.com/bid/79814

www.securitytracker.com/id/1034551

www.wireshark.org/security/wnpa-sec-2015-41.html

bugs.wireshark.org/bugzilla/show_bug.cgi?id=11767

code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=1b32d505a59475d51d9b2bed5f0869d2d154e8b6

code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=2259bf8a827088081bef101f98e4983de8aa8099

security.gentoo.org/glsa/201604-05

5.3 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

52.8%

Related for CVELIST:CVE-2015-8722

prion1 ubuntucve1 nvd1 cve1 debiancve1 openvas7 nessus10 debian1 archlinux3 osv1 f52 kaspersky1 gentoo1