Launchpad.net

CVE 2015-0563

epan/dissectors/packet-smtp.c in the SMTP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 uses an incorrect length value for certain string-append operations, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

Related bugs and status

CVE-2015-0563 (Candidate) is related to these bugs:

Bug #1418211: [Security] Wireshark Vulnerabilities (February 2015)

		In	Importance	Status
1418211	[Security] Wireshark Vulnerabilities (February 2015)	wireshark (Ubuntu)	Medium	Fix Released
1418211	[Security] Wireshark Vulnerabilities (February 2015)	wireshark (Ubuntu Precise)	Medium	Won't Fix
1418211	[Security] Wireshark Vulnerabilities (February 2015)	wireshark (Ubuntu Trusty)	Medium	Confirmed
1418211	[Security] Wireshark Vulnerabilities (February 2015)	wireshark (Ubuntu Utopic)	Medium	Fix Released

Bug #1567407: [SRU] Update to bugfix release 1.10.14 in Trusty

Summary				In	Importance	Status
	1567407	[SRU] Update to bugfix release 1.10.14 in Trusty		wireshark (Ubuntu)	Undecided	Expired

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2015-0563

Related bugs and status

Related bugs

References