FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2016-2526

This CVE name corresponds to:

Entered Topic
2016-03-01 wireshark -- multiple vulnerabilities

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2016-2526 at cve.mitre.org

Details

Type Candidate
Name CVE-2016-2526
Phase Assigned(20160220)

Description

epan/dissectors/packet-hiqnet.c in the HiQnet dissector in Wireshark 2.0.x before 2.0.2 does not validate the data type, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.

References

Source Reference
CONFIRM http://www.wireshark.org/security/wnpa-sec-2016-06.html
CONFIRM https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11983
CONFIRM https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=69a679cc3a9c087064b7e9521b9e9f3c40dd0b72

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.