CVE-2015-2190
Gentoo Linux Security Advisory 201510-03
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
epan/proto.c in Wireshark 1.12.x before 1.12.4 does not properly handle integer data types greater than 32 bits in size, which allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted packet that is improperly handled by the LLDP dissector.
epan/proto.c en Wireshark 1.12.x anterior a 1.12.4 no maneja correctamente los tipos de datos de enteros mayores a 32 bits en tamaño, lo que permite a atacantes remotos causar una denegación de servicio (fallo de aserción y salida de la aplicación) a través de un paquete manipulado que no está correctamente manejado por el disector LLDP.
Multiple vulnerabilities have been found in Wireshark, allowing attackers to cause Denial of Service condition. Versions less than 1.12.7 are affected.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2015-03-02 CVE Reserved
- 2015-03-08 CVE Published
- 2024-08-06 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-19: Data Processing Errors
CAPEC
References (8)
| URL | Tag | Source |
|---|---|---|
| http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html | Third Party Advisory |
|
| http://www.securityfocus.com/bid/72938 | Vdb Entry | |
| http://www.securitytracker.com/id/1031858 | Third Party Advisory | |
| https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10983 | Issue Tracking | |
| https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=d1865e000ebedf49fc0d9f221a11d6af74360837 | X_refsource_confirm |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://lists.opensuse.org/opensuse-updates/2015-03/msg00038.html | 2023-11-07 | |
| http://www.wireshark.org/security/wnpa-sec-2015-09.html | 2023-11-07 | |
| https://security.gentoo.org/glsa/201510-03 | 2023-11-07 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Opensuse Search vendor "Opensuse" | Opensuse Search vendor "Opensuse" for product "Opensuse" | 13.1 Search vendor "Opensuse" for product "Opensuse" and version "13.1" | - |
Affected
| ||||||
| Opensuse Search vendor "Opensuse" | Opensuse Search vendor "Opensuse" for product "Opensuse" | 13.2 Search vendor "Opensuse" for product "Opensuse" and version "13.2" | - |
Affected
| ||||||
| Wireshark Search vendor "Wireshark" | Wireshark Search vendor "Wireshark" for product "Wireshark" | 1.12.0 Search vendor "Wireshark" for product "Wireshark" and version "1.12.0" | - |
Affected
| ||||||
| Wireshark Search vendor "Wireshark" | Wireshark Search vendor "Wireshark" for product "Wireshark" | 1.12.1 Search vendor "Wireshark" for product "Wireshark" and version "1.12.1" | - |
Affected
| ||||||
| Wireshark Search vendor "Wireshark" | Wireshark Search vendor "Wireshark" for product "Wireshark" | 1.12.2 Search vendor "Wireshark" for product "Wireshark" and version "1.12.2" | - |
Affected
| ||||||
| Wireshark Search vendor "Wireshark" | Wireshark Search vendor "Wireshark" for product "Wireshark" | 1.12.3 Search vendor "Wireshark" for product "Wireshark" and version "1.12.3" | - |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Solaris Search vendor "Oracle" for product "Solaris" | 11.2 Search vendor "Oracle" for product "Solaris" and version "11.2" | - |
Affected
| ||||||