CVE-2015-0563

epan/dissectors/packet-smtp.c in the SMTP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 uses an incorrect length value for certain string-append operations, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:wireshark:wireshark:1.10.0:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.10.1:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.10.2:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.10.3:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.10.4:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.10.5:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.10.6:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.10.7:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.10.8:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.10.9:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.10.10:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.10.11:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.12.0:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.12.1:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.12.2:*:*:*:*:*:*:*

History

07 Nov 2023, 02:23

Type Values Removed Values Added
References
  • {'url': 'https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=854157883bd1972e012c65c0418a9732ef5d9fb0', 'name': 'https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=854157883bd1972e012c65c0418a9732ef5d9fb0', 'tags': [], 'refsource': 'CONFIRM'}
  • {'url': 'https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=611cfd00c283e7a77a2f1fd89c01b0b9f691411b', 'name': 'https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=611cfd00c283e7a77a2f1fd89c01b0b9f691411b', 'tags': [], 'refsource': 'CONFIRM'}
  • () https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=611cfd00c283e7a77a2f1fd89c01b0b9f691411b -
  • () https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=854157883bd1972e012c65c0418a9732ef5d9fb0 -

Information

Published : 2015-01-10 02:59

Updated : 2024-02-28 12:20


NVD link : CVE-2015-0563

Mitre link : CVE-2015-0563

CVE.ORG link : CVE-2015-0563


JSON object : View

Products Affected

opensuse

  • opensuse

wireshark

  • wireshark
CWE
CWE-20

Improper Input Validation