VDB

CVE-2015-6243

CVE-2015-6243 PUBLISHED

The dissector-table implementation in epan/packet.c in Wireshark 1.12.x before 1.12.7 mishandles table searches for empty strings, which allows remote attackers to cause a denial of service (application crash) via a crafted packet, related to the (1) dissector_get_string_handle and (2) dissector_get_default_string_handle functions.

EPSS 0.66% · 71.6th percentile

Risk Scores

EPSS Score
0.66%
71.6th percentile

Affected Products

VendorProductVersions
Ubuntu:18.04:LTSwireshark0, 2.4.2-1, 2.4.4-1
Ubuntu:14.04:LTSwireshark1.10.5-1ubuntu1, 1.10.3-1, 0
Ubuntu:16.04:LTSwireshark0, 1.12.7+g7fc8978-1, 1.12.8+g5b6e543-2

Timeline

  • Aug 24, 2015 CVE Published
  • Feb 4, 2022 EPSS Score
  • Mar 29, 2022 EPSS Score
  • May 20, 2022 EPSS Score
  • Jul 12, 2022 EPSS Score
  • Sep 3, 2022 EPSS Score
  • Dec 18, 2022 EPSS Score
  • Feb 8, 2023 EPSS Score
  • Mar 7, 2023 EPSS Score
  • Apr 2, 2023 EPSS Score
  • May 25, 2023 EPSS Score
  • Jul 16, 2023 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›