CVE-2015-3813

Public on 2015-05-26
Modified on 2017-04-04
Description
A flaw was found in the way packet reassembly code of wireshark would parse a packet which could leak memory. An attacker could use this flaw to crash wireshark by sending a specially crafted packet onto the wire or by convincing wireshark user to read malformed packet trace file.
Severity
Medium severity
Medium
CVSS v3 Base Score
4.3
See breakdown

Affected Packages

Platform Package Release Date Advisory Status
Amazon Linux 1 wireshark 2017-04-04 ALAS-2017-813 Fixed

CVSS Scores

Score Type Score Vector
Amazon Linux CVSSv2 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P
NVD CVSSv2 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P