Home CVE Database CVE-2015-8733

CVE-2015-8733

Description

The ngsniffer_process_record function in wiretap/ngsniffer.c in the Sniffer file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationships between record lengths and record header lengths, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.

Priority: Medium
CVSS v3: 5.5
Publish Date: Jan 4, 2016
Related ID: --
CVSS v2: Medium
Modified Date: Jan 4, 2016

Find out more about CVE-2015-8733 from the MITRE-CVE dictionary and NIST NVD


Products Affected

Login may be required to access defects or downloads.

Related Products

Product Name Status Defect Fixed Downloads
Linux 7 SCP Not Vulnerable -- -- --
Linux 7 CGP Not Vulnerable -- -- --

Comments

wireshark

Live chat
Online