CVE-2015-7830
Wireshark PCAPNG if_filter Arbitrary Free Remote Code Execution Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
The pcapng_read_if_descr_block function in wiretap/pcapng.c in the pcapng parser in Wireshark 1.12.x before 1.12.8 uses too many levels of pointer indirection, which allows remote attackers to cause a denial of service (incorrect free and application crash) via a crafted packet that triggers interface-filter copying.
La función pcapng_read_if_descr_block en wiretap/pcapng.c en el analizador pcapng en Wireshark 1.12.x en versiones anteriores a 1.12.8 utiliza demasiados niveles de indirección de puntero, lo que permite a atacantes remotos provocar una denegación de servicio (liberación de memoria incorrecta y caída de aplicación) a través de un paquete manipulado que desencadena el copiado del filtro de interfaz.
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Wireshark. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of PCAPNG files. The issue lies in the handling of the if_filter section within next-generation PCAP files. An attacker can leverage this vulnerability to execute arbitrary code under the context of the the current process.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2015-10-14 CVE Reserved
- 2015-10-20 CVE Published
- 2023-11-08 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
CAPEC
References (10)
URL | Tag | Source |
---|---|---|
http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | Third Party Advisory | |
http://www.securityfocus.com/bid/77101 | Vdb Entry | |
http://www.securityfocus.com/bid/78723 | Vdb Entry | |
http://www.securitytracker.com/id/1033953 | Vdb Entry | |
http://www.zerodayinitiative.com/advisories/ZDI-15-624 | X_refsource_misc | |
https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=72497918b16b706c3ba75e1f731f58b802ca14d1 | X_refsource_confirm |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://lists.opensuse.org/opensuse-updates/2015-10/msg00053.html | 2023-11-07 | |
http://www.debian.org/security/2016/dsa-3505 | 2023-11-07 | |
http://www.wireshark.org/security/wnpa-sec-2015-30.html | 2023-11-07 | |
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11455 | 2023-11-07 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Oracle Search vendor "Oracle" | Solaris Search vendor "Oracle" for product "Solaris" | 11.3 Search vendor "Oracle" for product "Solaris" and version "11.3" | - |
Affected
| ||||||
Wireshark Search vendor "Wireshark" | Wireshark Search vendor "Wireshark" for product "Wireshark" | 1.12.0 Search vendor "Wireshark" for product "Wireshark" and version "1.12.0" | - |
Affected
| ||||||
Wireshark Search vendor "Wireshark" | Wireshark Search vendor "Wireshark" for product "Wireshark" | 1.12.1 Search vendor "Wireshark" for product "Wireshark" and version "1.12.1" | - |
Affected
| ||||||
Wireshark Search vendor "Wireshark" | Wireshark Search vendor "Wireshark" for product "Wireshark" | 1.12.2 Search vendor "Wireshark" for product "Wireshark" and version "1.12.2" | - |
Affected
| ||||||
Wireshark Search vendor "Wireshark" | Wireshark Search vendor "Wireshark" for product "Wireshark" | 1.12.3 Search vendor "Wireshark" for product "Wireshark" and version "1.12.3" | - |
Affected
| ||||||
Wireshark Search vendor "Wireshark" | Wireshark Search vendor "Wireshark" for product "Wireshark" | 1.12.4 Search vendor "Wireshark" for product "Wireshark" and version "1.12.4" | - |
Affected
| ||||||
Wireshark Search vendor "Wireshark" | Wireshark Search vendor "Wireshark" for product "Wireshark" | 1.12.5 Search vendor "Wireshark" for product "Wireshark" and version "1.12.5" | - |
Affected
| ||||||
Wireshark Search vendor "Wireshark" | Wireshark Search vendor "Wireshark" for product "Wireshark" | 1.12.6 Search vendor "Wireshark" for product "Wireshark" and version "1.12.6" | - |
Affected
| ||||||
Wireshark Search vendor "Wireshark" | Wireshark Search vendor "Wireshark" for product "Wireshark" | 1.12.7 Search vendor "Wireshark" for product "Wireshark" and version "1.12.7" | - |
Affected
|