VDB

CVE-2015-0563

CVE-2015-0563 PUBLISHED

epan/dissectors/packet-smtp.c in the SMTP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 uses an incorrect length value for certain string-append operations, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

EPSS 1.05% · 77.9th percentile

Risk Scores

EPSS Score
1.05%
77.9th percentile

Affected Products

VendorProductVersions
Ubuntu:14.04:LTSwireshark0, 1.10.2-1, 1.10.3-1
Ubuntu:18.04:LTSwireshark0, 2.4.2-1, 2.4.5-1
Ubuntu:16.04:LTSwireshark0, 1.12.7+g7fc8978-1, 1.12.8+g5b6e543-2

Timeline

  • Jan 10, 2015 CVE Published
  • Feb 4, 2022 EPSS Score
  • Mar 29, 2022 EPSS Score
  • May 20, 2022 EPSS Score
  • Jul 12, 2022 EPSS Score
  • Oct 26, 2022 EPSS Score
  • Dec 18, 2022 EPSS Score
  • Feb 8, 2023 EPSS Score
  • Mar 7, 2023 EPSS Score
  • Apr 2, 2023 EPSS Score
  • May 25, 2023 EPSS Score
  • Jul 16, 2023 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›