CVE-2015-2191

2015-03-08 03:59:05 2018-10-30 17:27:35

Integer overflow in the dissect_tnef function in epan/dissectors/packet-tnef.c in the TNEF dissector in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted length field in a packet.

Vector

NETWORK

Complexity

LOW

Authentication

NONE

Confidentiality

NONE

Integrity

NONE

Availability

PARTIAL

Mageia Mageia 4.0 (not an official CPE) Debian Linux 8.0 (Jessie) Debian Linux 7.0 Opensuse Opensuse 13.1 (not an official CPE) Opensuse Opensuse 13.2 (not an official CPE)

Wireshark 1.12.3 Wireshark Wireshark 1.12.2 Wireshark Wireshark 1.12.1 (not an official CPE) Wireshark Wireshark 1.12.0 (not an official CPE) Wireshark Wireshark 1.10.11 Wireshark 1.10.12 Wireshark Wireshark 1.10.10 (not an official CPE) Wireshark 1.10.9 Wireshark 1.10.8 Wireshark 1.10.7 Wireshark 1.10.6 Wireshark 1.10.5 Wireshark 1.10.4 Wireshark 1.10.3 Wireshark Wireshark 1.10.2 Wireshark Wireshark 1.10.1 Wireshark 1.10.0

Mageia - Mageia Debian - Debian linux Wireshark - Wireshark Opensuse - Opensuse

Advisory	Patch	Confirmed	Link
			https://code.wireshark.org/review/gitweb?p=wireshark.git...
			1031858
			http://www.wireshark.org/security/wnpa-sec-2015-10.html
			https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1102...
			72941
			http://www.oracle.com/technetwork/topics/security/linuxb...
			MDVSA-2015:183
			DSA-3210
			openSUSE-SU-2015:0489
			RHSA-2015:1460
			http://advisories.mageia.org/MGASA-2015-0117.html
			GLSA-201510-03

CVE-2015-2191

2015-03-08 03:59:05 2018-10-30 17:27:35

Vector

Complexity

Authentication

Confidentiality

Integrity

Availability

Numeric Errors (ID 189)