CVE-2015-8717
Published: 04 January 2016
The dissect_sdp function in epan/dissectors/packet-sdp.c in the SDP dissector in Wireshark 1.12.x before 1.12.9 does not prevent use of a negative media count, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
Priority
CVSS 3 base score: 5.5
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8717
- https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2ddd92b6f8f587325b9e14598658626f3a007c5c
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9887
- http://www.wireshark.org/security/wnpa-sec-2015-36.html
- NVD
- Launchpad
- Debian