Lucene search

PRIOn knowledge basePRION:CVE-2015-4652

HistoryJul 22, 2015 - 1:59 a.m.

Code injection

2015-07-2201:59:00

PRIOn knowledge base

www.prio-n.com

6.8 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.004 Low

EPSS

Percentile

74.3%

JSON

epan/dissectors/packet-gsm_a_dtap.c in the GSM DTAP dissector in Wireshark 1.12.x before 1.12.6 does not properly validate digit characters, which allows remote attackers to cause a denial of service (application crash) via a crafted packet, related to the de_emerg_num_list and de_bcd_num functions.

CPENameOperatorVersion
debian_linuxeq8.0
wiresharkeq1.12.4
wiresharkeq1.12.5
wiresharkeq1.12.0
wiresharkeq1.12.2
wiresharkeq1.12.1
wiresharkeq1.12.3

Name	Operator	Version
debian_linux	eq	8.0
wireshark	eq	1.12.4
wireshark	eq	1.12.5
wireshark	eq	1.12.0
wireshark	eq	1.12.2
wireshark	eq	1.12.1
wireshark	eq	1.12.3

References

lists.opensuse.org/opensuse-updates/2015-07/msg00020.html

www.debian.org/security/2015/dsa-3294

www.securityfocus.com/bid/75316

www.securitytracker.com/id/1032662

bugs.wireshark.org/bugzilla/show_bug.cgi?id=11201

code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=d93be95fc0e7011e8b4ade9171e7e66146063296

security.gentoo.org/glsa/201510-03

www.wireshark.org/security/wnpa-sec-2015-20.html

6.8 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.004 Low

EPSS

Percentile

74.3%

JSON

Related for PRION:CVE-2015-4652