CVE-2015-7830 – Wireshark PCAPNG if_filter Arbitrary Free Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2015-7830

The pcapng_read_if_descr_block function in wiretap/pcapng.c in the pcapng parser in Wireshark 1.12.x before 1.12.8 uses too many levels of pointer indirection, which allows remote attackers to cause a denial of service (incorrect free and application crash) via a crafted packet that triggers interface-filter copying. La función pcapng_read_if_descr_block en wiretap/pcapng.c en el analizador pcapng en Wireshark 1.12.x en versiones anteriores a 1.12.8 utiliza demasiados niveles de indirección de puntero, lo que permite a atacantes remotos provocar una denegación de servicio (liberación de memoria incorrecta y caída de aplicación) a través de un paquete manipulado que desencadena el copiado del filtro de interfaz. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Wireshark. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of PCAPNG files. The issue lies in the handling of the if_filter section within next-generation PCAP files. • http://lists.opensuse.org/opensuse-updates/2015-10/msg00053.html http://www.debian.org/security/2016/dsa-3505 http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html http://www.securityfocus.com/bid/77101 http://www.securityfocus.com/bid/78723 http://www.securitytracker.com/id/1033953 http://www.wireshark.org/security/wnpa-sec-2015-30.html http://www.zerodayinitiative.com/advisories/ZDI-15-624 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11455 https: • CWE-20: Improper Input Validation •