26 matches found
OSV-2026-86 Security exception in java.base/java.util.Arrays.copyOfRange
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=476431399 Crash type: Security exception Crash state: java.base/java.util.Arrays.copyOfRange org.apache.poi.util.IOUtils.safelyClone org.apache.poi.ddf.EscherBlipRecord.setPictureData...
EUVD-2020-18498
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2020-25866
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Wireshark 3.2.0 to 3.2.6 and 3.0.0 to 3.0.13, the BLIP protocol dissector has a NULL pointer dereference because a buffer was sized for compressed not...
SUSE CVE-2020-25866
In Wireshark 3.2.0 to 3.2.6 and 3.0.0 to 3.0.13, the BLIP protocol dissector has a NULL pointer dereference because a buffer was sized for compressed not uncompressed messages. This was addressed in epan/dissectors/packet-blip.c by allowing reasonable compression ratios and rejecting ZIP bombs...
The vulnerability of the BLIP protocol analyzer in Wireshark software allows a hacker to trigger a service failure.
The vulnerability of the BLIP protocol analyzer in Wireshark is related to pointer assignment errors. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...
SUSE SLED15 / SLES15 Security Update : wireshark (SUSE-SU-2020:3166-1)
This update for wireshark fixes the following issues : Update to wireshark 3.2.7 : - CVE-2020-25863: MIME Multipart dissector crash bsc1176908 - CVE-2020-25862: TCP dissector crash bsc1176909 - CVE-2020-25866: BLIP dissector crash bsc1176910 - CVE-2020-17498: Kafka dissector crash bsc1175204 Note...
openSUSE Security Update : wireshark (openSUSE-2020-1882)
This update for wireshark fixes the following issues : - Update to wireshark 3.2.7 : - CVE-2020-25863: MIME Multipart dissector crash bsc1176908 - CVE-2020-25862: TCP dissector crash bsc1176909 - CVE-2020-25866: BLIP dissector crash bsc1176910 - CVE-2020-17498: Kafka dissector crash bsc1175204 Th...
Security update for wireshark (moderate)
openSUSE Security Update: Security update for wireshark Announcement ID: openSUSE-SU-2020:1878-1 Rating: moderate References: 1175204 1176908 1176909 1176910 Cross-References: CVE-2020-17498 CVE-2020-25862 CVE-2020-25863 CVE-2020-25866 Affected Products: openSUSE Leap 15.1 An update that fixes fo...
Updated wireshark packages fix security vulnerabilities
The TCP dissector could crash CVE-2020-25862. The MIME Multipart dissector could crash CVE-2020-25863. The BLIP dissector could crash CVE-2020-25866...
MGASA-2020-0384 Updated wireshark packages fix security vulnerabilities
The TCP dissector could crash CVE-2020-25862. The MIME Multipart dissector could crash CVE-2020-25863. The BLIP dissector could crash CVE-2020-25866...
CVE-2020-25866
In Wireshark 3.2.0 to 3.2.6 and 3.0.0 to 3.0.13, the BLIP protocol dissector has a NULL pointer dereference because a buffer was sized for compressed not uncompressed messages. This was addressed in epan/dissectors/packet-blip.c by allowing reasonable compression ratios and rejecting ZIP bombs...
CVE-2020-25866
In Wireshark 3.2.0 to 3.2.6 and 3.0.0 to 3.0.13, the BLIP protocol dissector has a NULL pointer dereference because a buffer was sized for compressed not uncompressed messages. This was addressed in epan/dissectors/packet-blip.c by allowing reasonable compression ratios and rejecting ZIP bombs...
CVE-2020-25866
In Wireshark 3.2.0 to 3.2.6 and 3.0.0 to 3.0.13, the BLIP protocol dissector has a NULL pointer dereference because a buffer was sized for compressed not uncompressed messages. This was addressed in epan/dissectors/packet-blip.c by allowing reasonable compression ratios and rejecting ZIP bombs...
DEBIAN-CVE-2020-25866
In Wireshark 3.2.0 to 3.2.6 and 3.0.0 to 3.0.13, the BLIP protocol dissector has a NULL pointer dereference because a buffer was sized for compressed not uncompressed messages. This was addressed in epan/dissectors/packet-blip.c by allowing reasonable compression ratios and rejecting ZIP bombs...
CVE-2020-25866
In Wireshark 3.2.0 to 3.2.6 and 3.0.0 to 3.0.13, the BLIP protocol dissector has a NULL pointer dereference because a buffer was sized for compressed not uncompressed messages. This was addressed in epan/dissectors/packet-blip.c by allowing reasonable compression ratios and rejecting ZIP bombs...
Null pointer dereference
In Wireshark 3.2.0 to 3.2.6 and 3.0.0 to 3.0.13, the BLIP protocol dissector has a NULL pointer dereference because a buffer was sized for compressed not uncompressed messages. This was addressed in epan/dissectors/packet-blip.c by allowing reasonable compression ratios and rejecting ZIP bombs...
UBUNTU-CVE-2020-25866
In Wireshark 3.2.0 to 3.2.6 and 3.0.0 to 3.0.13, the BLIP protocol dissector has a NULL pointer dereference because a buffer was sized for compressed not uncompressed messages. This was addressed in epan/dissectors/packet-blip.c by allowing reasonable compression ratios and rejecting ZIP bombs...
CVE-2020-25866
In Wireshark 3.2.0 to 3.2.6 and 3.0.0 to 3.0.13, the BLIP protocol dissector has a NULL pointer dereference because a buffer was sized for compressed not uncompressed messages. This was addressed in epan/dissectors/packet-blip.c by allowing reasonable compression ratios and rejecting ZIP bombs...
CVE-2020-25866
Wireshark CVE-2020-25866 affects the BLIP protocol dissector. Versions 3.2.0–3.2.6 and 3.0.0–3.0.13 are vulnerable to a NULL pointer dereference caused by sizing buffers for compressed (not uncompressed) messages. The issue is mitigated in the fix where the code path in epan/dissectors/packet-bli...
CVE-2020-25866
In Wireshark 3.2.0 to 3.2.6 and 3.0.0 to 3.0.13, the BLIP protocol dissector has a NULL pointer dereference because a buffer was sized for compressed not uncompressed messages. This was addressed in epan/dissectors/packet-blip.c by allowing reasonable compression ratios and rejecting ZIP bombs...