CVE-2015-8733

moderate-risk
Published 2016-01-04

The ngsniffer_process_record function in wiretap/ngsniffer.c in the Sniffer file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationships between record lengths and record header lengths, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.

Do I need to act?

~
1.6% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
!
1 public exploit available
39076
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
5
CVSS 5.5/10 Medium
LOCAL / LOW complexity

Affected Products (10)

Affected Vendors

Wireshark

References (16)

http://www.debian.org/security/2016/dsa-3505
http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html
http://www.securityfocus.com/bid/79814
http://www.securitytracker.com/id/1034551
Vendor Advisory http://www.wireshark.org/security/wnpa-sec-2015-51.html
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11827
https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=53a3e53f...
https://security.gentoo.org/glsa/201604-05
http://www.debian.org/security/2016/dsa-3505
http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html
http://www.securityfocus.com/bid/79814
http://www.securitytracker.com/id/1034551
Vendor Advisory http://www.wireshark.org/security/wnpa-sec-2015-51.html
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11827
https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=53a3e53f...
https://security.gentoo.org/glsa/201604-05
45
/ 100
moderate-risk
Severity 18/34 · Moderate
Exploitability 11/34 · Low
Exposure 16/34 · Moderate