Medium severity5.5NVD Advisory· Published Jan 4, 2016· Updated Jun 17, 2026
CVE-2015-8733
CVE-2015-8733
Description
The ngsniffer_process_record function in wiretap/ngsniffer.c in the Sniffer file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationships between record lengths and record header lengths, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
29cpe:2.3:a:wireshark:wireshark:1.12.0:*:*:*:*:*:*:*+ 10 more
- cpe:2.3:a:wireshark:wireshark:1.12.0:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.12.1:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.12.2:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.12.3:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.12.4:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.12.5:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.12.6:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.12.7:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.12.8:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:2.0.0:*:*:*:*:*:*:*
- (no CPE)range: <1.12.9 and <2.0.1
- osv-coords18 versionspkg:rpm/opensuse/wireshark&distro=openSUSE%20Tumbleweedpkg:rpm/suse/wireshark&distro=SUSE%20Linux%20Enterprise%20Desktop%2011%20SP3pkg:rpm/suse/wireshark&distro=SUSE%20Linux%20Enterprise%20Desktop%2011%20SP4pkg:rpm/suse/wireshark&distro=SUSE%20Linux%20Enterprise%20Desktop%2012pkg:rpm/suse/wireshark&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP1pkg:rpm/suse/wireshark&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3pkg:rpm/suse/wireshark&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-TERADATApkg:rpm/suse/wireshark&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4pkg:rpm/suse/wireshark&distro=SUSE%20Linux%20Enterprise%20Server%2012pkg:rpm/suse/wireshark&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1pkg:rpm/suse/wireshark&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP3pkg:rpm/suse/wireshark&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4pkg:rpm/suse/wireshark&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012pkg:rpm/suse/wireshark&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1pkg:rpm/suse/wireshark&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP3pkg:rpm/suse/wireshark&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4pkg:rpm/suse/wireshark&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012pkg:rpm/suse/wireshark&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP1
< 2.2.2-1.1+ 17 more
- (no CPE)range: < 2.2.2-1.1
- (no CPE)range: < 1.12.9-0.12.1
- (no CPE)range: < 1.12.9-0.12.1
- (no CPE)range: < 1.12.9-22.1
- (no CPE)range: < 1.12.9-22.1
- (no CPE)range: < 1.12.9-0.12.1
- (no CPE)range: < 1.12.9-0.12.1
- (no CPE)range: < 1.12.9-0.12.1
- (no CPE)range: < 1.12.9-22.1
- (no CPE)range: < 1.12.9-22.1
- (no CPE)range: < 1.12.9-0.12.1
- (no CPE)range: < 1.12.9-0.12.1
- (no CPE)range: < 1.12.9-22.1
- (no CPE)range: < 1.12.9-22.1
- (no CPE)range: < 1.12.9-0.12.1
- (no CPE)range: < 1.12.9-0.12.1
- (no CPE)range: < 1.12.9-22.1
- (no CPE)range: < 1.12.9-22.1
Patches
Vulnerability mechanics
References
8- www.wireshark.org/security/wnpa-sec-2015-51.htmlnvdVendor Advisory
- www.debian.org/security/2016/dsa-3505nvd
- www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.htmlnvd
- www.securityfocus.com/bid/79814nvd
- www.securitytracker.com/id/1034551nvd
- bugs.wireshark.org/bugzilla/show_bug.cginvd
- code.wireshark.org/review/gitwebnvd
- security.gentoo.org/glsa/201604-05nvd
News mentions
0No linked articles in our index yet.