wireshark-gtk: denial of service

2014-11-20T00:00:00
ID ASA-201411-23
Type archlinux
Reporter Arch Linux
Modified 2014-11-20T00:00:00

Description

  • CVE-2014-8710 (out-of-bounds read) Out-of-bounds read flaw in the SigComp dissector (sigcomp-udvm) leads to denial of service while processing malformed packets.

  • CVE-2014-8711 (out-of-bounds read) The AMQP dissector reads a large value from the capture file for a field it treats as the number of elements in an array, resulting in an undetected overflow (wrapping).

  • CVE-2014-8712 (stack buffer overflow) An issue in the NCP dissector while constructing strings may lead to an incorrect data length, resulting in a stack buffer overflow and denial of service.

  • CVE-2014-8713 (denial of service) An issue in the NCP dissector may lead to denial of service while accessing an uninitialized buffer.

  • CVE-2014-8714 (denial of service) The tn5250 dissector lacks an exit for the case where the offset is not incremented, which leads to an endless loop and denial of service.
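
The bug class behind the CVE-2014-8711 item (an element count whose size computation wraps undetected) is shown here as an added illustration with the flawed length check beside a hardened one. This is not Wireshark's AMQP dissector code; the 4-byte big-endian count, the 8-byte element size and all function names are assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define ELEM_SIZE 8u   /* assumed fixed element size in bytes */

/* Read a big-endian 32-bit element count from the start of the buffer. */
static uint32_t read_count(const uint8_t *buf)
{
    return ((uint32_t)buf[0] << 24) | ((uint32_t)buf[1] << 16) |
           ((uint32_t)buf[2] << 8)  |  (uint32_t)buf[3];
}

/* Flawed check: count * ELEM_SIZE is computed in 32 bits and can wrap,
 * so a huge count can appear to fit in a short buffer. Returns 1 if accepted. */
int naive_array_fits(const uint8_t *buf, size_t len)
{
    if (len < 4)
        return 0;
    uint32_t needed = (uint32_t)(read_count(buf) * ELEM_SIZE); /* may wrap */
    return needed <= len - 4;
}

/* Hardened check: compare the count with the number of whole elements the
 * remaining bytes can hold; division cannot wrap. Returns 1 if accepted. */
int checked_array_fits(const uint8_t *buf, size_t len)
{
    if (len < 4)
        return 0;
    return read_count(buf) <= (len - 4) / ELEM_SIZE;
}

int main(void)
{
    /* Constructed inputs: count = 2 followed by 16 payload bytes,
     * and count = 0x20000000 followed by no payload at all. */
    uint8_t good[20] = { 0x00, 0x00, 0x00, 0x02 };
    uint8_t bad[4]   = { 0x20, 0x00, 0x00, 0x00 };

    printf("good: naive=%d checked=%d\n",
           naive_array_fits(good, sizeof good), checked_array_fits(good, sizeof good));
    printf("bad:  naive=%d checked=%d\n",
           naive_array_fits(bad, sizeof bad), checked_array_fits(bad, sizeof bad));
    return 0;
}
```

With the constructed count of 0x20000000, the multiplication wraps to 0, so the flawed check accepts a buffer that holds no elements while the hardened check rejects it.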