Vulnerability Details : CVE-2015-8713
epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.9 does not properly reserve memory for channel ID mappings, which allows remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted packet.
Vulnerability category: OverflowInput validationDenial of service
Exploit prediction scoring system (EPSS) score for CVE-2015-8713
Probability of exploitation activity in the next 30 days: 0.26%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 63 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2015-8713
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
4.3
|
MEDIUM | AV:N/AC:M/Au:N/C:N/I:N/A:P |
8.6
|
2.9
|
NIST |
5.5
|
MEDIUM | CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H |
1.8
|
3.6
|
NIST |
CWE ids for CVE-2015-8713
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
-
The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.Assigned by: nvd@nist.gov (Primary)
References for CVE-2015-8713
-
https://security.gentoo.org/glsa/201604-05
Wireshark: Multiple vulnerabilities (GLSA 201604-05) — Gentoo security
-
http://www.securityfocus.com/bid/79816
Wireshark Multiple Denial of Service Vulnerabilities
-
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11606
11606 – UMTS FP dissector crashes
-
http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html
Oracle Solaris Bulletin - January 2016
-
http://www.wireshark.org/security/wnpa-sec-2015-32.html
Wireshark · wnpa-sec-2015-32 · UMTS FP dissector crashesVendor Advisory
-
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=67b6d4f7e6f2117b40957fd51518aa2a3e659002
code.wireshark Code Review - wireshark.git/commit
-
http://www.securitytracker.com/id/1034551
Wireshark Multiple Dissector/Parser Bugs Let Remote Users Deny Service - SecurityTracker
-
http://www.debian.org/security/2016/dsa-3505
Debian -- Security Information -- DSA-3505-1 wireshark
Products affected by CVE-2015-8713
- cpe:2.3:a:wireshark:wireshark:1.12.0:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.12.1:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.12.2:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.12.3:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.12.4:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.12.5:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.12.6:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.12.7:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.12.8:*:*:*:*:*:*:*