NVD

Id
25460  
Name
CVE-2015-3813  
Description
The fragment_add_work function in epan/reassemble.c in the packet-reassembly feature in Wireshark 1.12.x before 1.12.5 does not properly determine the defragmentation state in a case of an insufficient snapshot length, which allows remote attackers to cause a denial of service (memory consumption) via a crafted packet.  
Reject
 
CVSS Version
2  
CVSS Score
5  
Severity
Medium  
CVSS Base Score
5  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:N/I:N/A:P)  
Pub Date
2017-01-19  
Published
2015-05-26  
Modified Date
2016-12-30  
Seq
2015-3813  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
134706 25460 CVE-2015-3813 DSA-3277  View
134707 25460 CVE-2015-3813 http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html  View
134708 25460 CVE-2015-3813 74633  View
134709 25460 CVE-2015-3813 http://www.wireshark.org/security/wnpa-sec-2015-16.html  View
134710 25460 CVE-2015-3813 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11129  View
134711 25460 CVE-2015-3813 https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=c35f2ccb4433718416551cc7a85afb0860529d57  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
7499 JVNDB-2015-002819 Wireshark のパケットリアセンブリ機能の epan/reassemble.c におけるサービス運用妨害 (DoS) の脆弱性 Wireshark のパケットリアセンブリ機能の epan/reassemble.c 内の fragment_add_work 関数は、スナップショットの長さが十分でない場合、デフラグ (最適化) の状態を適切に判断しないため、サービス運用妨害 (メモリ消費) 状態にされる脆弱性が存在します。 CVE-2015-3813 81038 CVE-2015-3813 25460 5 http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-002819.html 2015-05-12 2015-05-28 View