CVE-2015-8712
Published: 04 January 2016
The dissect_hsdsch_channel_info function in epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.9 does not validate the number of PDUs, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
Priority
CVSS 3 base score: 5.5
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8712
- https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2ae329a47b7f0ac94089c23e79c6b8bc18ba80ea
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11602
- http://www.wireshark.org/security/wnpa-sec-2015-32.html
- NVD
- Launchpad
- Debian