CVE Vulnerabilities

CVE-2015-0559

Published: Jan 10, 2015 | Modified: Nov 07, 2023
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
RedHat/V2
4.3 MODERATE
AV:N/AC:M/Au:N/C:N/I:N/A:P
RedHat/V3
Ubuntu
MEDIUM

Multiple use-after-free vulnerabilities in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 allow remote attackers to cause a denial of service (application crash) via a crafted packet, related to the use of packet-scope memory instead of pinfo-scope memory.

Affected Software

Name Vendor Start Version End Version
Opensuse Opensuse 13.1 (including) 13.1 (including)
Opensuse Opensuse 13.2 (including) 13.2 (including)
Wireshark Ubuntu artful *
Wireshark Ubuntu bionic *
Wireshark Ubuntu esm-apps/bionic *
Wireshark Ubuntu esm-apps/xenial *
Wireshark Ubuntu lucid *
Wireshark Ubuntu precise *
Wireshark Ubuntu trusty *
Wireshark Ubuntu trusty/esm *
Wireshark Ubuntu upstream *
Wireshark Ubuntu utopic *
Wireshark Ubuntu vivid *
Wireshark Ubuntu wily *
Wireshark Ubuntu xenial *
Wireshark Ubuntu yakkety *
Wireshark Ubuntu zesty *

References