An unspecified vulnerabilities were found in Wireshark. By exploiting these vulnerabilities malicious users can cause denial of service. These vulnerabilities can be exploited remotely via a specially designed file or network packet.

Technical details

This vulnerability related to next conditions:

1. Adding item to protocol tree;
2. Ptvcursor length checking;
3. WCCP, OpenFlow, GSM RLC/MAC, ZigBee, WaveAgent dissectors acting;
4. Attempt to free invalid memory;
5. Searching protocol dissector.

As result of exploitation there are two kinds DoS: crash or consume excessive CPU resources.

Wireshark versions earlier than 1.12.7

Update to the latest version
Get Wireshark

Wireshark Security Advisories

CVE-2015-6246
CVE-2015-6245
CVE-2015-6241
CVE-2015-6242
CVE-2015-6248
CVE-2015-6247
CVE-2015-6249
CVE-2015-6244
CVE-2015-6243