CVE-2015-2191
NONE EPSS 88.9%
Published Mar 8, 201511y ago · Modified Jun 17, 20262w ago
Published Mar 8, 2015 11y ago
Last Modified Jun 17, 2026 2w ago
Description
Integer overflow in the dissect_tnef function in epan/dissectors/packet-tnef.c in the TNEF dissector in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted length field in a packet.
Threat Intelligence
EPSS Exploit Probability
88.9% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available
Weaknesses 1
CWE-189
Affected Products 22
| Vendor | Product | Version | Range |
|---|---|---|---|
| debian | debian_linux | 7.0 | any |
| debian | debian_linux | 8.0 | any |
| mageia | mageia | 4.0 | any |
| wireshark | wireshark | 1.10.0 | any |
| wireshark | wireshark | 1.10.1 | any |
| wireshark | wireshark | 1.10.2 | any |
| wireshark | wireshark | 1.10.3 | any |
| wireshark | wireshark | 1.10.4 | any |
| wireshark | wireshark | 1.10.5 | any |
| wireshark | wireshark | 1.10.6 | any |
| wireshark | wireshark | 1.10.7 | any |
| wireshark | wireshark | 1.10.8 | any |
| wireshark | wireshark | 1.10.9 | any |
| wireshark | wireshark | 1.10.10 | any |
| wireshark | wireshark | 1.10.11 | any |
| wireshark | wireshark | 1.10.12 | any |
| wireshark | wireshark | 1.12.0 | any |
| wireshark | wireshark | 1.12.1 | any |
| wireshark | wireshark | 1.12.2 | any |
| wireshark | wireshark | 1.12.3 | any |
| opensuse | opensuse | 13.1 | any |
| opensuse | opensuse | 13.2 | any |
References 12
- advisories.mageia.org http://advisories.mageia.org/MGASA-2015-0117.html
- lists.opensuse.org http://lists.opensuse.org/opensuse-updates/2015-03/msg00038.html
- rhn.redhat.com http://rhn.redhat.com/errata/RHSA-2015-1460.html
- debian.org http://www.debian.org/security/2015/dsa-3210
- mandriva.com http://www.mandriva.com/security/advisories?name=MDVSA-2015:183
- oracle.com http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
- securityfocus.com http://www.securityfocus.com/bid/72941
- securitytracker.com http://www.securitytracker.com/id/1031858
- wireshark.org http://www.wireshark.org/security/wnpa-sec-2015-10.html
- bugs.wireshark.org https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11023
- code.wireshark.org https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=608cf324b3962877e9699f3e81e8f82ac9f1ea14
- security.gentoo.org https://security.gentoo.org/glsa/201510-03
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.