epan/proto.c in Wireshark 1.12.x before 1.12.4 does not properly handle integer data types greater than 32 bits in size, which allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted packet that is improperly handled by the LLDP dissector.
References
Link | Resource |
---|---|
http://lists.opensuse.org/opensuse-updates/2015-03/msg00038.html | Third Party Advisory |
http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html | Third Party Advisory |
http://www.securityfocus.com/bid/72938 | |
http://www.securitytracker.com/id/1031858 | Third Party Advisory VDB Entry |
http://www.wireshark.org/security/wnpa-sec-2015-09.html | Vendor Advisory |
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10983 | Issue Tracking |
https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=d1865e000ebedf49fc0d9f221a11d6af74360837 | |
https://security.gentoo.org/glsa/201510-03 |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2015-03-08T02:00:00
Updated: 2017-06-30T16:57:01
Reserved: 2015-03-02T00:00:00
Link: CVE-2015-2190
JSON object: View
NVD Information
Status : Modified
Published: 2015-03-08T02:59:04.870
Modified: 2023-11-07T02:25:10.770
Link: CVE-2015-2190
JSON object: View
Redhat Information
No data.
CWE