CVE-2015-2188

NONE EPSS 90.2%
Published Mar 8, 201511y ago · Modified Jun 17, 20262w ago
Find Similar
Published Mar 8, 2015 11y ago
Last Modified Jun 17, 2026 2w ago

Description

epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet that is improperly handled during decompression.

Threat Intelligence

EPSS Exploit Probability
90.2% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-19

Affected Products 24

VendorProductVersionRange
wiresharkwireshark1.10.0any
wiresharkwireshark1.10.1any
wiresharkwireshark1.10.2any
wiresharkwireshark1.10.3any
wiresharkwireshark1.10.4any
wiresharkwireshark1.10.5any
wiresharkwireshark1.10.6any
wiresharkwireshark1.10.7any
wiresharkwireshark1.10.8any
wiresharkwireshark1.10.9any
wiresharkwireshark1.10.10any
wiresharkwireshark1.10.11any
wiresharkwireshark1.10.12any
wiresharkwireshark1.12.0any
wiresharkwireshark1.12.1any
wiresharkwireshark1.12.2any
wiresharkwireshark1.12.3any
mageiamageia4.0any
opensuseopensuse13.1any
opensuseopensuse13.2any
debiandebian_linux7.0any
debiandebian_linux8.0any
oraclelinux7any
oraclesolaris11.2any

References 12

  • advisories.mageia.org http://advisories.mageia.org/MGASA-2015-0117.html
    Third Party Advisory
  • lists.opensuse.org http://lists.opensuse.org/opensuse-updates/2015-03/msg00038.html
    Third Party Advisory
  • debian.org http://www.debian.org/security/2015/dsa-3210
    Third Party Advisory
  • mandriva.com http://www.mandriva.com/security/advisories?name=MDVSA-2015:183
    Broken Link
  • oracle.com http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
    Third Party Advisory
  • oracle.com http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
    Third Party Advisory
  • securityfocus.com http://www.securityfocus.com/bid/72942
  • securitytracker.com http://www.securitytracker.com/id/1031858
    Third Party AdvisoryVDB Entry
  • wireshark.org http://www.wireshark.org/security/wnpa-sec-2015-07.html
    Vendor Advisory
  • bugs.wireshark.org https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10844
    Issue Tracking
  • code.wireshark.org https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=b204ff4846fe84b7789893c6b1d9afbdecac5b5d
  • security.gentoo.org https://security.gentoo.org/glsa/201510-03

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.