2023-04-24 12:24:31 +02:00
{
"id" : "CVE-2015-0563" ,
"sourceIdentifier" : "cve@mitre.org" ,
"published" : "2015-01-10T02:59:41.553" ,
2024-11-22 23:14:22 +00:00
"lastModified" : "2024-11-21T02:23:19.313" ,
2023-04-24 12:24:31 +02:00
"vulnStatus" : "Modified" ,
2024-12-08 03:06:42 +00:00
"cveTags" : [ ] ,
2023-04-24 12:24:31 +02:00
"descriptions" : [
{
"lang" : "en" ,
"value" : "epan/dissectors/packet-smtp.c in the SMTP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 uses an incorrect length value for certain string-append operations, which allows remote attackers to cause a denial of service (application crash) via a crafted packet."
} ,
{
"lang" : "es" ,
"value" : "epan/dissectors/packet-smtp.c en el disector SMTP en Wireshark 1.10.x anterior a 1.10.12 y 1.12.x anterior a 1.12.3 utiliza un valor de longitud incorrecto para ciertas operaciones 'string-append', lo que permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda de la aplicaci\u00f3n) a trav\u00e9s de un paquete manipulado."
}
] ,
"metrics" : {
"cvssMetricV2" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "2.0" ,
"vectorString" : "AV:N/AC:L/Au:N/C:N/I:N/A:P" ,
2024-11-22 23:14:22 +00:00
"baseScore" : 5.0 ,
2023-04-24 12:24:31 +02:00
"accessVector" : "NETWORK" ,
"accessComplexity" : "LOW" ,
"authentication" : "NONE" ,
"confidentialityImpact" : "NONE" ,
"integrityImpact" : "NONE" ,
2024-11-22 23:14:22 +00:00
"availabilityImpact" : "PARTIAL"
2023-04-24 12:24:31 +02:00
} ,
"baseSeverity" : "MEDIUM" ,
"exploitabilityScore" : 10.0 ,
"impactScore" : 2.9 ,
"acInsufInfo" : false ,
"obtainAllPrivilege" : false ,
"obtainUserPrivilege" : false ,
"obtainOtherPrivilege" : false ,
"userInteractionRequired" : false
}
]
} ,
"weaknesses" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"description" : [
{
"lang" : "en" ,
"value" : "CWE-20"
}
]
}
] ,
"configurations" : [
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "A10BC294-9196-425F-9FB0-B1625465B47F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "03117DF1-3BEC-4B8D-AD63-DBBDB2126081"
}
]
}
]
} ,
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:wireshark:wireshark:1.10.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "481435A6-4790-4B3E-8EEA-0394A6AB481A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:wireshark:wireshark:1.10.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "2B0BB28A-9E61-4073-9BE2-C34AB2BCF1EB"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:wireshark:wireshark:1.10.2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "0753BF56-C829-48C3-AA6E-C0A2A1EA1124"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:wireshark:wireshark:1.10.3:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "EC206A02-8259-4FA0-8B6F-D8C58AB946C9"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:wireshark:wireshark:1.10.4:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "B973D7E1-523B-4AB9-965F-F8BBD2420CFA"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:wireshark:wireshark:1.10.5:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "633AE75A-89BB-458D-9609-2C238DAC25C6"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:wireshark:wireshark:1.10.6:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "20A8D578-A2DD-4D08-81C1-E4437F40D21D"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:wireshark:wireshark:1.10.7:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "C0BBB2FB-A3D3-4D9F-88CB-F3D74395D364"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:wireshark:wireshark:1.10.8:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "A67E51FE-2B4A-4475-B829-316EDC24B88B"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:wireshark:wireshark:1.10.9:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "3060B2B7-48CB-4669-BF65-4750D11CA401"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:wireshark:wireshark:1.10.10:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "2CA274E6-5CF8-46A1-A38C-2D9E26A8CDE3"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:wireshark:wireshark:1.10.11:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "55D76E3D-0CF1-4FAB-A243-793969CA83AC"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:wireshark:wireshark:1.12.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "29AC5E99-9C21-4C2E-AE68-A4B887318577"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:wireshark:wireshark:1.12.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "B90C8934-01D8-4027-8A38-0B3230CC5077"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:wireshark:wireshark:1.12.2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "49C89A62-69E2-40C5-9C75-FA6601A935A2"
}
]
}
]
}
] ,
"references" : [
{
"url" : "http://advisories.mageia.org/MGASA-2015-0019.html" ,
"source" : "cve@mitre.org"
} ,
{
"url" : "http://lists.opensuse.org/opensuse-updates/2015-01/msg00053.html" ,
"source" : "cve@mitre.org"
} ,
2023-11-07 21:03:21 +00:00
{
"url" : "http://secunia.com/advisories/62612" ,
"source" : "cve@mitre.org"
} ,
2023-04-24 12:24:31 +02:00
{
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2015:022" ,
"source" : "cve@mitre.org"
} ,
{
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html" ,
"source" : "cve@mitre.org"
} ,
{
"url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" ,
"source" : "cve@mitre.org"
} ,
{
"url" : "http://www.securityfocus.com/bid/71916" ,
"source" : "cve@mitre.org"
} ,
{
"url" : "http://www.wireshark.org/security/wnpa-sec-2015-04.html" ,
"source" : "cve@mitre.org" ,
"tags" : [
"Vendor Advisory"
]
} ,
{
"url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10823" ,
"source" : "cve@mitre.org"
} ,
{
2023-11-07 21:03:21 +00:00
"url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=611cfd00c283e7a77a2f1fd89c01b0b9f691411b" ,
2023-04-24 12:24:31 +02:00
"source" : "cve@mitre.org"
} ,
{
2023-11-07 21:03:21 +00:00
"url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=854157883bd1972e012c65c0418a9732ef5d9fb0" ,
2023-04-24 12:24:31 +02:00
"source" : "cve@mitre.org"
2024-11-22 23:14:22 +00:00
} ,
{
"url" : "http://advisories.mageia.org/MGASA-2015-0019.html" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "http://lists.opensuse.org/opensuse-updates/2015-01/msg00053.html" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "http://secunia.com/advisories/62612" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2015:022" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "http://www.securityfocus.com/bid/71916" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "http://www.wireshark.org/security/wnpa-sec-2015-04.html" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Vendor Advisory"
]
} ,
{
"url" : "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10823" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=611cfd00c283e7a77a2f1fd89c01b0b9f691411b" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=854157883bd1972e012c65c0418a9732ef5d9fb0" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
2023-04-24 12:24:31 +02:00
}
]
}
