Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
zdiAnonymousZDI-15-624
HistoryDec 08, 2015 - 12:00 a.m.

Wireshark PCAPNG if_filter Arbitrary Free Remote Code Execution Vulnerability

2015-12-0800:00:00
Anonymous
www.zerodayinitiative.com
17

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.004 Low

EPSS

Percentile

74.3%

JSON

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Wireshark. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of PCAPNG files. The issue lies in the handling of the if_filter section within next-generation PCAP files. An attacker can leverage this vulnerability to execute arbitrary code under the context of the the current process.

Related

debiancve 1
openvas 7
prion 1
freebsd 1
mageia 1
nessus 6
kaspersky 1
ubuntucve 1
cve 1
avleonov 1
osv 1
debian 1
debiancve
debiancve
CVE-2015-7830
2015-11-15 03:59:00
openvas
openvas
Wireshark Pcapng File Parser Denial-of-Service Vulnerability (Nov 2015) - Windows
2015-11-19 00:00:00
Wireshark Pcapng File Parser Denial-of-Service Vulnerability (Nov 2015) - Mac OS X
2015-11-19 00:00:00
Mageia: Security Advisory (MGASA-2015-0403)
2015-10-16 00:00:00
prion
prion
Design/Logic Flaw
2015-11-15 03:59:00
freebsd
freebsd
wireshark -- Pcapng file parser crash
2015-10-14 00:00:00
mageia
mageia
Updated wireshark packages fix security vulnerabilities
2015-10-15 22:50:55
nessus
nessus
Wireshark 1.12.x < 1.12.8 pcapng File Parser DoS
2015-10-21 00:00:00
FreeBSD : wireshark -- Pcapng file parser crash (24e4d383-7b3e-11e5-a250-68b599b52a02)
2015-10-26 00:00:00
openSUSE Security Update : wireshark (openSUSE-2015-683)
2015-10-29 00:00:00
kaspersky
kaspersky
KLA10701 Denial of service vulnerability in Wireshark
2015-10-14 00:00:00
ubuntucve
ubuntucve
CVE-2015-7830
2015-11-15 00:00:00
cve
cve
CVE-2015-7830
2015-11-15 03:59:00
avleonov
avleonov
Parsing Nessus v2 XML reports with python
2020-03-09 01:12:00
osv
osv
wireshark - security update
2016-03-04 00:00:00
debian
debian
[SECURITY] [DSA 3505-1] wireshark security update
2016-03-04 19:04:01

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.004 Low

EPSS

Percentile

74.3%

JSON
Related for ZDI-15-624
debiancve1openvas7prion1freebsd1mageia1nessus6kaspersky1ubuntucve1cve1avleonov1osv1debian1