CVE-2015-6244
published 2015-08-24CVE-2015-6244: The dissect_zbee_secure function in epan/dissectors/packet-zbee-security.c in the ZigBee dissector in Wireshark 1.12.x before 1.12.7 improperly relies on…
medium4.3CVSS 3.1
AVNACMAuNCNINAP
The dissect_zbee_secure function in epan/dissectors/packet-zbee-security.c in the ZigBee dissector in Wireshark 1.12.x before 1.12.7 improperly relies on length fields contained in packet data, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
Affected
14 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | wireshark | < wireshark 1.12.7+g7fc8978-1 (bookworm) | wireshark 1.12.7+g7fc8978-1 (bookworm) |
| oracle | linux | — | — |
| oracle | solaris | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | >= 0 < 1.12.7+g7fc8978-1 | 1.12.7+g7fc8978-1 |
| wireshark | wireshark | >= 0 < 1.12.7+g7fc8978-1 | 1.12.7+g7fc8978-1 |
| wireshark | wireshark | >= 0 < 1.12.7+g7fc8978-1 | 1.12.7+g7fc8978-1 |
| wireshark | wireshark | >= 0 < 1.12.7+g7fc8978-1 | 1.12.7+g7fc8978-1 |
CVSS provenance
nvd4.3MEDIUMAV:N/AC:M/Au:N/C:N/I:N/A:P
osv4.3MEDIUM