1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
|
Candidate: CVE-2015-3906
PublicDate: 2015-05-26
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3906
http://www.wireshark.org/security/wnpa-sec-2015-18.html
Description:
The logcat_dump_text function in wiretap/logcat.c in the Android Logcat
file parser in Wireshark 1.12.x before 1.12.5 does not properly handle a
lack of \0 termination, which allows remote attackers to cause a denial of
service (out-of-bounds read and application crash) via a crafted message in
a packet, a different vulnerability than CVE-2015-3815.
Ubuntu-Description:
Notes:
Bugs:
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11188
Priority: low
Discovered-by:
Assigned-to:
Patches_wireshark:
upstream: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b3b1f7c3aa2233a147294bad833b748d38fba84d
upstream_wireshark: needs-triage
precise_wireshark: not-affected
trusty_wireshark: not-affected (1.10.6-1)
utopic_wireshark: ignored (reached end-of-life)
vivid_wireshark: released (1.12.1+g01b65bf-4+deb8u1)
devel_wireshark: not-affected (1.12.5+g5819e5b-1)
|