Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2015-0561
Vulnerability from cvelistv5
Published
2015-01-10 02:00
Modified
2024-08-06 04:10
Severity ?
EPSS score ?
0.26%
(0.49186)
Summary
asn1/lpp/lpp.cnf in the LPP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 does not validate a certain index value, which allows remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted packet.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T04:10:11.017Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10773", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.wireshark.org/security/wnpa-sec-2015-02.html", }, { name: "62612", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/62612", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html", }, { name: "openSUSE-SU-2015:0113", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2015-01/msg00053.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=8e96830156bea314207b97315ccebd605317f142", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-01-06T00:00:00", descriptions: [ { lang: "en", value: "asn1/lpp/lpp.cnf in the LPP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 does not validate a certain index value, which allows remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted packet.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2016-10-24T19:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10773", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.wireshark.org/security/wnpa-sec-2015-02.html", }, { name: "62612", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/62612", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html", }, { name: "openSUSE-SU-2015:0113", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2015-01/msg00053.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=8e96830156bea314207b97315ccebd605317f142", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2015-0561", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "asn1/lpp/lpp.cnf in the LPP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 does not validate a certain index value, which allows remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted packet.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10773", refsource: "CONFIRM", url: "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10773", }, { name: "http://www.wireshark.org/security/wnpa-sec-2015-02.html", refsource: "CONFIRM", url: "http://www.wireshark.org/security/wnpa-sec-2015-02.html", }, { name: "62612", refsource: "SECUNIA", url: "http://secunia.com/advisories/62612", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html", }, { name: "openSUSE-SU-2015:0113", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2015-01/msg00053.html", }, { name: "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=8e96830156bea314207b97315ccebd605317f142", refsource: "CONFIRM", url: "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=8e96830156bea314207b97315ccebd605317f142", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2015-0561", datePublished: "2015-01-10T02:00:00", dateReserved: "2015-01-06T00:00:00", dateUpdated: "2024-08-06T04:10:11.017Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { nvd: "{\"cve\":{\"id\":\"CVE-2015-0561\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2015-01-10T02:59:39.913\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"asn1/lpp/lpp.cnf in the LPP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 does not validate a certain index value, which allows remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted packet.\"},{\"lang\":\"es\",\"value\":\"asn1/lpp/lpp.cnf en el disector LPP en Wireshark 1.10.x anterior a 1.10.12 y 1.12.x anterior a 1.12.3 no valida cierto valor de indice, lo que permite a atacantes remotos causar una denegación de servicio (acceso a memoria fuera de rango y caída de la aplicación) a través de un paquete manipulado.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wireshark:wireshark:1.10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"481435A6-4790-4B3E-8EEA-0394A6AB481A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wireshark:wireshark:1.10.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2B0BB28A-9E61-4073-9BE2-C34AB2BCF1EB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wireshark:wireshark:1.10.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0753BF56-C829-48C3-AA6E-C0A2A1EA1124\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wireshark:wireshark:1.10.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EC206A02-8259-4FA0-8B6F-D8C58AB946C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wireshark:wireshark:1.10.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B973D7E1-523B-4AB9-965F-F8BBD2420CFA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wireshark:wireshark:1.10.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"633AE75A-89BB-458D-9609-2C238DAC25C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wireshark:wireshark:1.10.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"20A8D578-A2DD-4D08-81C1-E4437F40D21D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wireshark:wireshark:1.10.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C0BBB2FB-A3D3-4D9F-88CB-F3D74395D364\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wireshark:wireshark:1.10.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A67E51FE-2B4A-4475-B829-316EDC24B88B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wireshark:wireshark:1.10.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3060B2B7-48CB-4669-BF65-4750D11CA401\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wireshark:wireshark:1.10.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2CA274E6-5CF8-46A1-A38C-2D9E26A8CDE3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wireshark:wireshark:1.10.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"55D76E3D-0CF1-4FAB-A243-793969CA83AC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wireshark:wireshark:1.12.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"29AC5E99-9C21-4C2E-AE68-A4B887318577\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wireshark:wireshark:1.12.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B90C8934-01D8-4027-8A38-0B3230CC5077\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:wireshark:wireshark:1.12.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"49C89A62-69E2-40C5-9C75-FA6601A935A2\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A10BC294-9196-425F-9FB0-B1625465B47F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"03117DF1-3BEC-4B8D-AD63-DBBDB2126081\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:oracle:solaris:11.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0B1C288F-326B-497B-B26C-D26E01262DDB\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-updates/2015-01/msg00053.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/62612\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.wireshark.org/security/wnpa-sec-2015-02.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10773\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=8e96830156bea314207b97315ccebd605317f142\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2015-01/msg00053.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://secunia.com/advisories/62612\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.wireshark.org/security/wnpa-sec-2015-02.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10773\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=8e96830156bea314207b97315ccebd605317f142\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}", }, }
suse-su-2015:0426-1
Vulnerability from csaf_suse
Published
2014-11-14 12:53
Modified
2014-11-14 12:53
Summary
Security update for wireshark
Notes
Title of the patch
Security update for wireshark
Description of the patch
wireshark has been updated to version 1.10.11 to fix five security issues.
These security issues have been fixed:
* SigComp UDVM buffer overflow (CVE-2014-8710).
* AMQP dissector crash (CVE-2014-8711).
* NCP dissector crashes (CVE-2014-8712, CVE-2014-8713).
* TN5250 infinite loops (CVE-2014-8714).
This non-security issue has been fixed:
* enable zlib (bnc#899303).
Further bug fixes and updated protocol support as listed in:
https://www.wireshark.org/docs/relnotes/wireshark-1.10.11.html
<https://www.wireshark.org/docs/relnotes/wireshark-1.10.11.html>
Security Issues:
* CVE-2014-8711
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8711>
* CVE-2014-8710
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8710>
* CVE-2014-8714
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8714>
* CVE-2014-8712
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8712>
* CVE-2014-8713
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8713>
Patchnames
sdksp3-wireshark,sledsp3-wireshark,slessp3-wireshark
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for wireshark", title: "Title of the patch", }, { category: "description", text: "\nwireshark has been updated to version 1.10.11 to fix five security issues.\n\nThese security issues have been fixed:\n\n * SigComp UDVM buffer overflow (CVE-2014-8710).\n * AMQP dissector crash (CVE-2014-8711).\n * NCP dissector crashes (CVE-2014-8712, CVE-2014-8713).\n * TN5250 infinite loops (CVE-2014-8714).\n\nThis non-security issue has been fixed:\n\n * enable zlib (bnc#899303).\n\nFurther bug fixes and updated protocol support as listed in:\n\nhttps://www.wireshark.org/docs/relnotes/wireshark-1.10.11.html\n<https://www.wireshark.org/docs/relnotes/wireshark-1.10.11.html>\n\nSecurity Issues:\n\n * CVE-2014-8711\n <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8711>\n * CVE-2014-8710\n <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8710>\n * CVE-2014-8714\n <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8714>\n * CVE-2014-8712\n <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8712>\n * CVE-2014-8713\n <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8713>\n\n", title: "Description of the patch", }, { category: "details", text: "sdksp3-wireshark,sledsp3-wireshark,slessp3-wireshark", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2015_0426-1.json", }, { category: "self", summary: "URL for SUSE-SU-2015:0426-1", url: "https://www.suse.com/support/update/announcement/2015/suse-su-20150426-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2015:0426-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2015-March/001267.html", }, { category: "self", summary: "SUSE Bug 813217", url: "https://bugzilla.suse.com/813217", }, { category: "self", summary: "SUSE Bug 816517", url: "https://bugzilla.suse.com/816517", }, { category: "self", summary: "SUSE Bug 816887", url: "https://bugzilla.suse.com/816887", }, { category: "self", summary: "SUSE Bug 820973", url: "https://bugzilla.suse.com/820973", }, { category: "self", summary: "SUSE Bug 824900", url: "https://bugzilla.suse.com/824900", }, { category: "self", summary: "SUSE Bug 831718", url: "https://bugzilla.suse.com/831718", }, { category: "self", summary: "SUSE Bug 839607", url: "https://bugzilla.suse.com/839607", }, { category: "self", summary: "SUSE Bug 848738", url: "https://bugzilla.suse.com/848738", }, { category: "self", summary: "SUSE Bug 855980", url: "https://bugzilla.suse.com/855980", }, { category: "self", summary: "SUSE Bug 856495", url: "https://bugzilla.suse.com/856495", }, { category: "self", summary: "SUSE Bug 856496", url: "https://bugzilla.suse.com/856496", }, { category: "self", summary: "SUSE Bug 856498", url: "https://bugzilla.suse.com/856498", }, { category: "self", summary: "SUSE Bug 867485", url: "https://bugzilla.suse.com/867485", }, { category: "self", summary: "SUSE Bug 889854", url: "https://bugzilla.suse.com/889854", }, { category: "self", summary: "SUSE Bug 889899", url: "https://bugzilla.suse.com/889899", }, { category: "self", summary: "SUSE Bug 889900", url: "https://bugzilla.suse.com/889900", }, { category: "self", summary: "SUSE Bug 889901", url: "https://bugzilla.suse.com/889901", }, { category: "self", summary: "SUSE Bug 889906", url: "https://bugzilla.suse.com/889906", }, { category: "self", summary: "SUSE Bug 897055", url: "https://bugzilla.suse.com/897055", }, { category: "self", summary: "SUSE Bug 899303", url: "https://bugzilla.suse.com/899303", }, { category: "self", summary: "SUSE Bug 905245", url: "https://bugzilla.suse.com/905245", }, { category: "self", summary: "SUSE Bug 905246", url: "https://bugzilla.suse.com/905246", }, { category: "self", summary: "SUSE Bug 905247", url: "https://bugzilla.suse.com/905247", }, { category: "self", summary: "SUSE Bug 905248", url: "https://bugzilla.suse.com/905248", }, { category: "self", summary: "SUSE Bug 912365", url: "https://bugzilla.suse.com/912365", }, { category: "self", summary: "SUSE Bug 912368", url: "https://bugzilla.suse.com/912368", }, { category: "self", summary: "SUSE Bug 912369", url: "https://bugzilla.suse.com/912369", }, { category: "self", summary: "SUSE Bug 912370", url: "https://bugzilla.suse.com/912370", }, { category: "self", summary: "SUSE Bug 912372", url: "https://bugzilla.suse.com/912372", }, { category: "self", summary: "SUSE Bug 920696", url: "https://bugzilla.suse.com/920696", }, { category: "self", summary: "SUSE Bug 920697", url: "https://bugzilla.suse.com/920697", }, { category: "self", summary: "SUSE Bug 920699", url: "https://bugzilla.suse.com/920699", }, { category: "self", summary: "SUSE Bug 930691", url: "https://bugzilla.suse.com/930691", }, { category: "self", summary: "SUSE CVE CVE-2013-2486 page", url: "https://www.suse.com/security/cve/CVE-2013-2486/", }, { category: "self", summary: "SUSE CVE CVE-2013-2487 page", url: "https://www.suse.com/security/cve/CVE-2013-2487/", }, { category: "self", summary: "SUSE CVE CVE-2013-3555 page", url: "https://www.suse.com/security/cve/CVE-2013-3555/", }, { category: "self", summary: "SUSE CVE CVE-2013-3556 page", url: "https://www.suse.com/security/cve/CVE-2013-3556/", }, { category: "self", summary: "SUSE CVE CVE-2013-3557 page", url: "https://www.suse.com/security/cve/CVE-2013-3557/", }, { category: "self", summary: "SUSE CVE CVE-2013-3558 page", url: "https://www.suse.com/security/cve/CVE-2013-3558/", }, { category: "self", summary: "SUSE CVE CVE-2013-3559 page", url: "https://www.suse.com/security/cve/CVE-2013-3559/", }, { category: "self", summary: "SUSE CVE CVE-2013-3560 page", url: "https://www.suse.com/security/cve/CVE-2013-3560/", }, { category: "self", summary: "SUSE CVE CVE-2013-3561 page", url: "https://www.suse.com/security/cve/CVE-2013-3561/", }, { category: "self", summary: "SUSE CVE CVE-2013-3562 page", url: "https://www.suse.com/security/cve/CVE-2013-3562/", }, { category: "self", summary: "SUSE CVE CVE-2013-4074 page", url: "https://www.suse.com/security/cve/CVE-2013-4074/", }, { category: "self", summary: "SUSE CVE CVE-2013-4075 page", url: "https://www.suse.com/security/cve/CVE-2013-4075/", }, { category: "self", summary: "SUSE CVE CVE-2013-4076 page", url: "https://www.suse.com/security/cve/CVE-2013-4076/", }, { category: "self", summary: "SUSE CVE CVE-2013-4077 page", url: "https://www.suse.com/security/cve/CVE-2013-4077/", }, { category: "self", summary: "SUSE CVE CVE-2013-4078 page", url: "https://www.suse.com/security/cve/CVE-2013-4078/", }, { category: "self", summary: "SUSE CVE CVE-2013-4079 page", url: "https://www.suse.com/security/cve/CVE-2013-4079/", }, { category: "self", summary: "SUSE CVE CVE-2013-4080 page", url: "https://www.suse.com/security/cve/CVE-2013-4080/", }, { category: "self", summary: "SUSE CVE CVE-2013-4081 page", url: "https://www.suse.com/security/cve/CVE-2013-4081/", }, { category: "self", summary: "SUSE CVE CVE-2013-4082 page", url: "https://www.suse.com/security/cve/CVE-2013-4082/", }, { category: "self", summary: "SUSE CVE CVE-2013-4083 page", url: "https://www.suse.com/security/cve/CVE-2013-4083/", }, { category: "self", summary: "SUSE CVE CVE-2013-4929 page", url: "https://www.suse.com/security/cve/CVE-2013-4929/", }, { category: "self", summary: "SUSE CVE CVE-2013-4930 page", url: "https://www.suse.com/security/cve/CVE-2013-4930/", }, { category: "self", summary: "SUSE CVE CVE-2013-4931 page", url: "https://www.suse.com/security/cve/CVE-2013-4931/", }, { category: "self", summary: "SUSE CVE CVE-2013-4932 page", url: "https://www.suse.com/security/cve/CVE-2013-4932/", }, { category: "self", summary: "SUSE CVE CVE-2013-4933 page", url: "https://www.suse.com/security/cve/CVE-2013-4933/", }, { category: "self", summary: "SUSE CVE CVE-2013-4934 page", url: "https://www.suse.com/security/cve/CVE-2013-4934/", }, { category: "self", summary: "SUSE CVE CVE-2013-4935 page", url: "https://www.suse.com/security/cve/CVE-2013-4935/", }, { category: "self", summary: "SUSE CVE CVE-2013-6336 page", url: "https://www.suse.com/security/cve/CVE-2013-6336/", }, { category: "self", summary: "SUSE CVE CVE-2013-6337 page", url: "https://www.suse.com/security/cve/CVE-2013-6337/", }, { category: "self", summary: "SUSE CVE CVE-2013-6338 page", url: "https://www.suse.com/security/cve/CVE-2013-6338/", }, { category: "self", summary: "SUSE CVE CVE-2013-6339 page", url: "https://www.suse.com/security/cve/CVE-2013-6339/", }, { category: "self", summary: "SUSE CVE CVE-2013-6340 page", url: "https://www.suse.com/security/cve/CVE-2013-6340/", }, { category: "self", summary: "SUSE CVE CVE-2013-7112 page", url: "https://www.suse.com/security/cve/CVE-2013-7112/", }, { category: "self", summary: "SUSE CVE CVE-2013-7113 page", url: "https://www.suse.com/security/cve/CVE-2013-7113/", }, { category: "self", summary: "SUSE CVE CVE-2013-7114 page", url: "https://www.suse.com/security/cve/CVE-2013-7114/", }, { category: "self", summary: "SUSE CVE CVE-2014-2281 page", url: "https://www.suse.com/security/cve/CVE-2014-2281/", }, { category: "self", summary: "SUSE CVE CVE-2014-2282 page", url: "https://www.suse.com/security/cve/CVE-2014-2282/", }, { category: "self", summary: "SUSE CVE CVE-2014-2283 page", url: "https://www.suse.com/security/cve/CVE-2014-2283/", }, { category: "self", summary: "SUSE CVE CVE-2014-2299 page", url: "https://www.suse.com/security/cve/CVE-2014-2299/", }, { category: "self", summary: "SUSE CVE CVE-2014-6421 page", url: "https://www.suse.com/security/cve/CVE-2014-6421/", }, { category: "self", summary: "SUSE CVE CVE-2014-6422 page", url: "https://www.suse.com/security/cve/CVE-2014-6422/", }, { category: "self", summary: "SUSE CVE CVE-2014-6423 page", url: "https://www.suse.com/security/cve/CVE-2014-6423/", }, { category: "self", summary: "SUSE CVE CVE-2014-6424 page", url: "https://www.suse.com/security/cve/CVE-2014-6424/", }, { category: "self", summary: "SUSE CVE CVE-2014-6427 page", url: "https://www.suse.com/security/cve/CVE-2014-6427/", }, { category: "self", summary: "SUSE CVE CVE-2014-6428 page", url: "https://www.suse.com/security/cve/CVE-2014-6428/", }, { category: "self", summary: "SUSE CVE CVE-2014-6429 page", url: "https://www.suse.com/security/cve/CVE-2014-6429/", }, { category: "self", summary: "SUSE CVE CVE-2014-6430 page", url: "https://www.suse.com/security/cve/CVE-2014-6430/", }, { category: "self", summary: "SUSE CVE CVE-2014-6431 page", url: "https://www.suse.com/security/cve/CVE-2014-6431/", }, { category: "self", summary: "SUSE CVE CVE-2014-6432 page", url: "https://www.suse.com/security/cve/CVE-2014-6432/", }, { category: "self", summary: "SUSE CVE CVE-2014-8710 page", url: "https://www.suse.com/security/cve/CVE-2014-8710/", }, { category: "self", summary: "SUSE CVE CVE-2014-8711 page", url: "https://www.suse.com/security/cve/CVE-2014-8711/", }, { category: "self", summary: "SUSE CVE CVE-2014-8712 page", url: "https://www.suse.com/security/cve/CVE-2014-8712/", }, { category: "self", summary: "SUSE CVE CVE-2014-8713 page", url: "https://www.suse.com/security/cve/CVE-2014-8713/", }, { category: "self", summary: "SUSE CVE CVE-2014-8714 page", url: "https://www.suse.com/security/cve/CVE-2014-8714/", }, { category: "self", summary: "SUSE CVE CVE-2015-0559 page", url: "https://www.suse.com/security/cve/CVE-2015-0559/", }, { category: "self", summary: "SUSE CVE CVE-2015-0560 page", url: "https://www.suse.com/security/cve/CVE-2015-0560/", }, { category: "self", summary: "SUSE CVE CVE-2015-0561 page", url: "https://www.suse.com/security/cve/CVE-2015-0561/", }, { category: "self", summary: "SUSE CVE CVE-2015-0562 page", url: "https://www.suse.com/security/cve/CVE-2015-0562/", }, { category: "self", summary: "SUSE CVE CVE-2015-0563 page", url: "https://www.suse.com/security/cve/CVE-2015-0563/", }, { category: "self", summary: "SUSE CVE CVE-2015-0564 page", url: "https://www.suse.com/security/cve/CVE-2015-0564/", }, { category: "self", summary: "SUSE CVE CVE-2015-2188 page", url: "https://www.suse.com/security/cve/CVE-2015-2188/", }, { category: "self", summary: "SUSE CVE CVE-2015-2189 page", url: "https://www.suse.com/security/cve/CVE-2015-2189/", }, { category: "self", summary: "SUSE CVE CVE-2015-2191 page", url: "https://www.suse.com/security/cve/CVE-2015-2191/", }, { category: "self", summary: "SUSE CVE CVE-2015-3811 page", url: "https://www.suse.com/security/cve/CVE-2015-3811/", }, { category: "self", summary: "SUSE CVE CVE-2015-3812 page", url: "https://www.suse.com/security/cve/CVE-2015-3812/", }, { category: "self", summary: "SUSE CVE CVE-2015-3814 page", url: "https://www.suse.com/security/cve/CVE-2015-3814/", }, ], title: "Security update for wireshark", tracking: { current_release_date: "2014-11-14T12:53:20Z", generator: { date: "2014-11-14T12:53:20Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2015:0426-1", initial_release_date: "2014-11-14T12:53:20Z", revision_history: [ { date: "2014-11-14T12:53:20Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "wireshark-1.10.11-0.2.1.i586", product: { name: "wireshark-1.10.11-0.2.1.i586", product_id: "wireshark-1.10.11-0.2.1.i586", }, }, { category: "product_version", name: "wireshark-devel-1.10.11-0.2.1.i586", product: { name: "wireshark-devel-1.10.11-0.2.1.i586", product_id: "wireshark-devel-1.10.11-0.2.1.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "wireshark-devel-1.10.11-0.2.1.ia64", product: { name: "wireshark-devel-1.10.11-0.2.1.ia64", product_id: "wireshark-devel-1.10.11-0.2.1.ia64", }, }, { category: "product_version", name: "wireshark-1.10.11-0.2.1.ia64", product: { name: "wireshark-1.10.11-0.2.1.ia64", product_id: "wireshark-1.10.11-0.2.1.ia64", }, }, ], category: "architecture", name: "ia64", }, { branches: [ { category: "product_version", name: "wireshark-devel-1.10.11-0.2.1.ppc64", product: { name: "wireshark-devel-1.10.11-0.2.1.ppc64", product_id: "wireshark-devel-1.10.11-0.2.1.ppc64", }, }, { category: "product_version", name: "wireshark-1.10.11-0.2.1.ppc64", product: { name: "wireshark-1.10.11-0.2.1.ppc64", product_id: "wireshark-1.10.11-0.2.1.ppc64", }, }, ], category: "architecture", name: "ppc64", }, { branches: [ { category: "product_version", name: "wireshark-devel-1.10.11-0.2.1.s390x", product: { name: "wireshark-devel-1.10.11-0.2.1.s390x", product_id: "wireshark-devel-1.10.11-0.2.1.s390x", }, }, { category: "product_version", name: "wireshark-1.10.11-0.2.1.s390x", product: { name: "wireshark-1.10.11-0.2.1.s390x", product_id: "wireshark-1.10.11-0.2.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "wireshark-1.10.11-0.2.1.x86_64", product: { name: "wireshark-1.10.11-0.2.1.x86_64", product_id: "wireshark-1.10.11-0.2.1.x86_64", }, }, { category: "product_version", name: "wireshark-devel-1.10.11-0.2.1.x86_64", product: { name: "wireshark-devel-1.10.11-0.2.1.x86_64", product_id: "wireshark-devel-1.10.11-0.2.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Software Development Kit 11 SP3", product: { name: "SUSE Linux Enterprise Software Development Kit 11 SP3", product_id: "SUSE Linux Enterprise Software Development Kit 11 SP3", product_identification_helper: { cpe: "cpe:/a:suse:sle-sdk:11:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Desktop 11 SP3", product: { name: "SUSE Linux Enterprise Desktop 11 SP3", product_id: "SUSE Linux Enterprise Desktop 11 SP3", product_identification_helper: { cpe: "cpe:/o:suse:suse_sled:11:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 11 SP3", product: { name: "SUSE Linux Enterprise Server 11 SP3", product_id: "SUSE Linux Enterprise Server 11 SP3", product_identification_helper: { cpe: "cpe:/o:suse:suse_sles:11:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 11 SP3-TERADATA", product: { name: "SUSE Linux Enterprise Server 11 SP3-TERADATA", product_id: "SUSE Linux Enterprise Server 11 SP3-TERADATA", product_identification_helper: { cpe: "cpe:/o:suse:sles:11:sp3:teradata", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 11 SP3", product: { name: "SUSE Linux Enterprise Server for SAP Applications 11 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:11:sp3", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "wireshark-1.10.11-0.2.1.i586 as component of SUSE Linux Enterprise Software Development Kit 11 SP3", product_id: "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", }, product_reference: "wireshark-1.10.11-0.2.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 11 SP3", }, { category: "default_component_of", full_product_name: { name: "wireshark-1.10.11-0.2.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 11 SP3", product_id: "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", }, product_reference: "wireshark-1.10.11-0.2.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 11 SP3", }, { category: "default_component_of", full_product_name: { name: "wireshark-devel-1.10.11-0.2.1.i586 as component of SUSE Linux Enterprise Software Development Kit 11 SP3", product_id: "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", }, product_reference: "wireshark-devel-1.10.11-0.2.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 11 SP3", }, { category: "default_component_of", full_product_name: { name: "wireshark-devel-1.10.11-0.2.1.ia64 as component of SUSE Linux Enterprise Software Development Kit 11 SP3", product_id: "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", }, product_reference: "wireshark-devel-1.10.11-0.2.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 11 SP3", }, { category: "default_component_of", full_product_name: { name: "wireshark-devel-1.10.11-0.2.1.ppc64 as component of SUSE Linux Enterprise Software Development Kit 11 SP3", product_id: "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", }, product_reference: "wireshark-devel-1.10.11-0.2.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 11 SP3", }, { category: "default_component_of", full_product_name: { name: "wireshark-devel-1.10.11-0.2.1.s390x as component of SUSE Linux Enterprise Software Development Kit 11 SP3", product_id: "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", }, product_reference: "wireshark-devel-1.10.11-0.2.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 11 SP3", }, { category: "default_component_of", full_product_name: { name: "wireshark-devel-1.10.11-0.2.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 11 SP3", product_id: "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", }, product_reference: "wireshark-devel-1.10.11-0.2.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 11 SP3", }, { category: "default_component_of", full_product_name: { name: "wireshark-1.10.11-0.2.1.i586 as component of SUSE Linux Enterprise Desktop 11 SP3", product_id: "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", }, product_reference: "wireshark-1.10.11-0.2.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Desktop 11 SP3", }, { category: "default_component_of", full_product_name: { name: "wireshark-1.10.11-0.2.1.x86_64 as component of SUSE Linux Enterprise Desktop 11 SP3", product_id: "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", }, product_reference: "wireshark-1.10.11-0.2.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Desktop 11 SP3", }, { category: "default_component_of", full_product_name: { name: "wireshark-1.10.11-0.2.1.i586 as component of SUSE Linux Enterprise Server 11 SP3", product_id: "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", }, product_reference: "wireshark-1.10.11-0.2.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3", }, { category: "default_component_of", full_product_name: { name: "wireshark-1.10.11-0.2.1.ia64 as component of SUSE Linux Enterprise Server 11 SP3", product_id: "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", }, product_reference: "wireshark-1.10.11-0.2.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3", }, { category: "default_component_of", full_product_name: { name: "wireshark-1.10.11-0.2.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP3", product_id: "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", }, product_reference: "wireshark-1.10.11-0.2.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3", }, { category: "default_component_of", full_product_name: { name: "wireshark-1.10.11-0.2.1.s390x as component of SUSE Linux Enterprise Server 11 SP3", product_id: "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", }, product_reference: "wireshark-1.10.11-0.2.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3", }, { category: "default_component_of", full_product_name: { name: "wireshark-1.10.11-0.2.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3", product_id: "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", }, product_reference: "wireshark-1.10.11-0.2.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3", }, { category: "default_component_of", full_product_name: { name: "wireshark-1.10.11-0.2.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA", product_id: "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", }, product_reference: "wireshark-1.10.11-0.2.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-TERADATA", }, { category: "default_component_of", full_product_name: { name: "wireshark-1.10.11-0.2.1.ia64 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA", product_id: "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", }, product_reference: "wireshark-1.10.11-0.2.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-TERADATA", }, { category: "default_component_of", full_product_name: { name: "wireshark-1.10.11-0.2.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA", product_id: "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", }, product_reference: "wireshark-1.10.11-0.2.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-TERADATA", }, { category: "default_component_of", full_product_name: { name: "wireshark-1.10.11-0.2.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-TERADATA", product_id: "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", }, product_reference: "wireshark-1.10.11-0.2.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-TERADATA", }, { category: "default_component_of", full_product_name: { name: "wireshark-1.10.11-0.2.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA", product_id: "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", }, product_reference: "wireshark-1.10.11-0.2.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-TERADATA", }, { category: "default_component_of", full_product_name: { name: "wireshark-1.10.11-0.2.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", }, product_reference: "wireshark-1.10.11-0.2.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP3", }, { category: "default_component_of", full_product_name: { name: "wireshark-1.10.11-0.2.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", }, product_reference: "wireshark-1.10.11-0.2.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP3", }, { category: "default_component_of", full_product_name: { name: "wireshark-1.10.11-0.2.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", }, product_reference: "wireshark-1.10.11-0.2.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP3", }, { category: "default_component_of", full_product_name: { name: "wireshark-1.10.11-0.2.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", }, product_reference: "wireshark-1.10.11-0.2.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP3", }, { category: "default_component_of", full_product_name: { name: "wireshark-1.10.11-0.2.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", }, product_reference: "wireshark-1.10.11-0.2.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP3", }, ], }, vulnerabilities: [ { cve: "CVE-2013-2486", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-2486", }, ], notes: [ { category: "general", text: "The dissect_diagnosticrequest function in epan/dissectors/packet-reload.c in the REsource LOcation And Discovery (aka RELOAD) dissector in Wireshark 1.8.x before 1.8.6 uses an incorrect integer data type, which allows remote attackers to cause a denial of service (infinite loop) via crafted integer values in a packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-2486", url: "https://www.suse.com/security/cve/CVE-2013-2486", }, { category: "external", summary: "SUSE Bug 807942 for CVE-2013-2486", url: "https://bugzilla.suse.com/807942", }, { category: "external", summary: "SUSE Bug 820566 for CVE-2013-2486", url: "https://bugzilla.suse.com/820566", }, { category: "external", summary: "SUSE Bug 820973 for CVE-2013-2486", url: "https://bugzilla.suse.com/820973", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-2486", }, { cve: "CVE-2013-2487", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-2487", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-reload.c in the REsource LOcation And Discovery (aka RELOAD) dissector in Wireshark 1.8.x before 1.8.6 uses incorrect integer data types, which allows remote attackers to cause a denial of service (infinite loop) via crafted integer values in a packet, related to the (1) dissect_icecandidates, (2) dissect_kinddata, (3) dissect_nodeid_list, (4) dissect_storeans, (5) dissect_storereq, (6) dissect_storeddataspecifier, (7) dissect_fetchreq, (8) dissect_findans, (9) dissect_diagnosticinfo, (10) dissect_diagnosticresponse, (11) dissect_reload_messagecontents, and (12) dissect_reload_message functions, a different vulnerability than CVE-2013-2486.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-2487", url: "https://www.suse.com/security/cve/CVE-2013-2487", }, { category: "external", summary: "SUSE Bug 807942 for CVE-2013-2487", url: "https://bugzilla.suse.com/807942", }, { category: "external", summary: "SUSE Bug 820566 for CVE-2013-2487", url: "https://bugzilla.suse.com/820566", }, { category: "external", summary: "SUSE Bug 820973 for CVE-2013-2487", url: "https://bugzilla.suse.com/820973", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "important", }, ], title: "CVE-2013-2487", }, { cve: "CVE-2013-3555", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-3555", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-gtpv2.c in the GTPv2 dissector in Wireshark 1.8.x before 1.8.7 calls incorrect functions in certain contexts related to ciphers, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-3555", url: "https://www.suse.com/security/cve/CVE-2013-3555", }, { category: "external", summary: "SUSE Bug 820566 for CVE-2013-3555", url: "https://bugzilla.suse.com/820566", }, { category: "external", summary: "SUSE Bug 820973 for CVE-2013-3555", url: "https://bugzilla.suse.com/820973", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-3555", }, { cve: "CVE-2013-3556", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-3556", }, ], notes: [ { category: "general", text: "The fragment_add_seq_common function in epan/reassemble.c in the ASN.1 BER dissector in Wireshark before r48943 has an incorrect pointer dereference during a comparison, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-3556", url: "https://www.suse.com/security/cve/CVE-2013-3556", }, { category: "external", summary: "SUSE Bug 820566 for CVE-2013-3556", url: "https://bugzilla.suse.com/820566", }, { category: "external", summary: "SUSE Bug 820973 for CVE-2013-3556", url: "https://bugzilla.suse.com/820973", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-3556", }, { cve: "CVE-2013-3557", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-3557", }, ], notes: [ { category: "general", text: "The dissect_ber_choice function in epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.6.x before 1.6.15 and 1.8.x before 1.8.7 does not properly initialize a certain variable, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-3557", url: "https://www.suse.com/security/cve/CVE-2013-3557", }, { category: "external", summary: "SUSE Bug 820566 for CVE-2013-3557", url: "https://bugzilla.suse.com/820566", }, { category: "external", summary: "SUSE Bug 820973 for CVE-2013-3557", url: "https://bugzilla.suse.com/820973", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-3557", }, { cve: "CVE-2013-3558", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-3558", }, ], notes: [ { category: "general", text: "The dissect_ccp_bsdcomp_opt function in epan/dissectors/packet-ppp.c in the PPP CCP dissector in Wireshark 1.8.x before 1.8.7 does not terminate a bit-field list, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-3558", url: "https://www.suse.com/security/cve/CVE-2013-3558", }, { category: "external", summary: "SUSE Bug 820566 for CVE-2013-3558", url: "https://bugzilla.suse.com/820566", }, { category: "external", summary: "SUSE Bug 820973 for CVE-2013-3558", url: "https://bugzilla.suse.com/820973", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-3558", }, { cve: "CVE-2013-3559", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-3559", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.8.x before 1.8.7 uses incorrect integer data types, which allows remote attackers to cause a denial of service (integer overflow, and heap memory corruption or NULL pointer dereference, and application crash) via a malformed packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-3559", url: "https://www.suse.com/security/cve/CVE-2013-3559", }, { category: "external", summary: "SUSE Bug 820566 for CVE-2013-3559", url: "https://bugzilla.suse.com/820566", }, { category: "external", summary: "SUSE Bug 820973 for CVE-2013-3559", url: "https://bugzilla.suse.com/820973", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-3559", }, { cve: "CVE-2013-3560", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-3560", }, ], notes: [ { category: "general", text: "The dissect_dsmcc_un_download function in epan/dissectors/packet-mpeg-dsmcc.c in the MPEG DSM-CC dissector in Wireshark 1.8.x before 1.8.7 uses an incorrect format string, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-3560", url: "https://www.suse.com/security/cve/CVE-2013-3560", }, { category: "external", summary: "SUSE Bug 820566 for CVE-2013-3560", url: "https://bugzilla.suse.com/820566", }, { category: "external", summary: "SUSE Bug 820973 for CVE-2013-3560", url: "https://bugzilla.suse.com/820973", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-3560", }, { cve: "CVE-2013-3561", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-3561", }, ], notes: [ { category: "general", text: "Multiple integer overflows in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a denial of service (loop or application crash) via a malformed packet, related to a crash of the Websocket dissector, an infinite loop in the MySQL dissector, and a large loop in the ETCH dissector.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-3561", url: "https://www.suse.com/security/cve/CVE-2013-3561", }, { category: "external", summary: "SUSE Bug 820566 for CVE-2013-3561", url: "https://bugzilla.suse.com/820566", }, { category: "external", summary: "SUSE Bug 820973 for CVE-2013-3561", url: "https://bugzilla.suse.com/820973", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-3561", }, { cve: "CVE-2013-3562", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-3562", }, ], notes: [ { category: "general", text: "Multiple integer signedness errors in the tvb_unmasked function in epan/dissectors/packet-websocket.c in the Websocket dissector in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a denial of service (application crash) via a malformed packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-3562", url: "https://www.suse.com/security/cve/CVE-2013-3562", }, { category: "external", summary: "SUSE Bug 820566 for CVE-2013-3562", url: "https://bugzilla.suse.com/820566", }, { category: "external", summary: "SUSE Bug 820973 for CVE-2013-3562", url: "https://bugzilla.suse.com/820973", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-3562", }, { cve: "CVE-2013-4074", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4074", }, ], notes: [ { category: "general", text: "The dissect_capwap_data function in epan/dissectors/packet-capwap.c in the CAPWAP dissector in Wireshark 1.6.x before 1.6.16 and 1.8.x before 1.8.8 incorrectly uses a -1 data value to represent an error condition, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4074", url: "https://www.suse.com/security/cve/CVE-2013-4074", }, { category: "external", summary: "SUSE Bug 824900 for CVE-2013-4074", url: "https://bugzilla.suse.com/824900", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-4074", }, { cve: "CVE-2013-4075", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4075", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-gmr1_bcch.c in the GMR-1 BCCH dissector in Wireshark 1.8.x before 1.8.8 does not properly initialize memory, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4075", url: "https://www.suse.com/security/cve/CVE-2013-4075", }, { category: "external", summary: "SUSE Bug 824900 for CVE-2013-4075", url: "https://bugzilla.suse.com/824900", }, { category: "external", summary: "SUSE Bug 836146 for CVE-2013-4075", url: "https://bugzilla.suse.com/836146", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-4075", }, { cve: "CVE-2013-4076", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4076", }, ], notes: [ { category: "general", text: "Buffer overflow in the dissect_iphc_crtp_fh function in epan/dissectors/packet-ppp.c in the PPP dissector in Wireshark 1.8.x before 1.8.8 allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4076", url: "https://www.suse.com/security/cve/CVE-2013-4076", }, { category: "external", summary: "SUSE Bug 824900 for CVE-2013-4076", url: "https://bugzilla.suse.com/824900", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-4076", }, { cve: "CVE-2013-4077", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4077", }, ], notes: [ { category: "general", text: "Array index error in the NBAP dissector in Wireshark 1.8.x before 1.8.8 allows remote attackers to cause a denial of service (application crash) via a crafted packet, related to nbap.cnf and packet-nbap.c.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4077", url: "https://www.suse.com/security/cve/CVE-2013-4077", }, { category: "external", summary: "SUSE Bug 824900 for CVE-2013-4077", url: "https://bugzilla.suse.com/824900", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-4077", }, { cve: "CVE-2013-4078", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4078", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-rdp.c in the RDP dissector in Wireshark 1.8.x before 1.8.8 does not validate return values during checks for data availability, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4078", url: "https://www.suse.com/security/cve/CVE-2013-4078", }, { category: "external", summary: "SUSE Bug 824900 for CVE-2013-4078", url: "https://bugzilla.suse.com/824900", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-4078", }, { cve: "CVE-2013-4079", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4079", }, ], notes: [ { category: "general", text: "The dissect_schedule_message function in epan/dissectors/packet-gsm_cbch.c in the GSM CBCH dissector in Wireshark 1.8.x before 1.8.8 allows remote attackers to cause a denial of service (infinite loop and application hang) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4079", url: "https://www.suse.com/security/cve/CVE-2013-4079", }, { category: "external", summary: "SUSE Bug 824900 for CVE-2013-4079", url: "https://bugzilla.suse.com/824900", }, { category: "external", summary: "SUSE Bug 836146 for CVE-2013-4079", url: "https://bugzilla.suse.com/836146", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-4079", }, { cve: "CVE-2013-4080", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4080", }, ], notes: [ { category: "general", text: "The dissect_r3_upstreamcommand_queryconfig function in epan/dissectors/packet-assa_r3.c in the Assa Abloy R3 dissector in Wireshark 1.8.x before 1.8.8 does not properly handle a zero-length item, which allows remote attackers to cause a denial of service (infinite loop, and CPU and memory consumption) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4080", url: "https://www.suse.com/security/cve/CVE-2013-4080", }, { category: "external", summary: "SUSE Bug 824900 for CVE-2013-4080", url: "https://bugzilla.suse.com/824900", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-4080", }, { cve: "CVE-2013-4081", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4081", }, ], notes: [ { category: "general", text: "The http_payload_subdissector function in epan/dissectors/packet-http.c in the HTTP dissector in Wireshark 1.6.x before 1.6.16 and 1.8.x before 1.8.8 does not properly determine when to use a recursive approach, which allows remote attackers to cause a denial of service (stack consumption) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4081", url: "https://www.suse.com/security/cve/CVE-2013-4081", }, { category: "external", summary: "SUSE Bug 824900 for CVE-2013-4081", url: "https://bugzilla.suse.com/824900", }, { category: "external", summary: "SUSE Bug 836116 for CVE-2013-4081", url: "https://bugzilla.suse.com/836116", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-4081", }, { cve: "CVE-2013-4082", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4082", }, ], notes: [ { category: "general", text: "The vwr_read function in wiretap/vwr.c in the Ixia IxVeriWave file parser in Wireshark 1.8.x before 1.8.8 does not validate the relationship between a record length and a trailer length, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4082", url: "https://www.suse.com/security/cve/CVE-2013-4082", }, { category: "external", summary: "SUSE Bug 824900 for CVE-2013-4082", url: "https://bugzilla.suse.com/824900", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-4082", }, { cve: "CVE-2013-4083", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4083", }, ], notes: [ { category: "general", text: "The dissect_pft function in epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.6.x before 1.6.16, 1.8.x before 1.8.8, and 1.10.0 does not validate a certain fragment length value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4083", url: "https://www.suse.com/security/cve/CVE-2013-4083", }, { category: "external", summary: "SUSE Bug 824900 for CVE-2013-4083", url: "https://bugzilla.suse.com/824900", }, { category: "external", summary: "SUSE Bug 831718 for CVE-2013-4083", url: "https://bugzilla.suse.com/831718", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-4083", }, { cve: "CVE-2013-4929", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4929", }, ], notes: [ { category: "general", text: "The parseFields function in epan/dissectors/packet-dis-pdus.c in the DIS dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not terminate packet-data processing after finding zero remaining bytes, which allows remote attackers to cause a denial of service (loop) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4929", url: "https://www.suse.com/security/cve/CVE-2013-4929", }, { category: "external", summary: "SUSE Bug 831718 for CVE-2013-4929", url: "https://bugzilla.suse.com/831718", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "important", }, ], title: "CVE-2013-4929", }, { cve: "CVE-2013-4930", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4930", }, ], notes: [ { category: "general", text: "The dissect_dvbci_tpdu_hdr function in epan/dissectors/packet-dvbci.c in the DVB-CI dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not validate a certain length value before decrementing it, which allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4930", url: "https://www.suse.com/security/cve/CVE-2013-4930", }, { category: "external", summary: "SUSE Bug 831718 for CVE-2013-4930", url: "https://bugzilla.suse.com/831718", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-4930", }, { cve: "CVE-2013-4931", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4931", }, ], notes: [ { category: "general", text: "epan/proto.c in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (loop) via a crafted packet that is not properly handled by the GSM RR dissector.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4931", url: "https://www.suse.com/security/cve/CVE-2013-4931", }, { category: "external", summary: "SUSE Bug 831718 for CVE-2013-4931", url: "https://bugzilla.suse.com/831718", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-4931", }, { cve: "CVE-2013-4932", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4932", }, ], notes: [ { category: "general", text: "Multiple array index errors in epan/dissectors/packet-gsm_a_common.c in the GSM A Common dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 allow remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4932", url: "https://www.suse.com/security/cve/CVE-2013-4932", }, { category: "external", summary: "SUSE Bug 831718 for CVE-2013-4932", url: "https://bugzilla.suse.com/831718", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-4932", }, { cve: "CVE-2013-4933", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4933", }, ], notes: [ { category: "general", text: "The netmon_open function in wiretap/netmon.c in the Netmon file parser in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) via a crafted packet-trace file.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4933", url: "https://www.suse.com/security/cve/CVE-2013-4933", }, { category: "external", summary: "SUSE Bug 831718 for CVE-2013-4933", url: "https://bugzilla.suse.com/831718", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-4933", }, { cve: "CVE-2013-4934", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4934", }, ], notes: [ { category: "general", text: "The netmon_open function in wiretap/netmon.c in the Netmon file parser in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not initialize certain structure members, which allows remote attackers to cause a denial of service (application crash) via a crafted packet-trace file.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4934", url: "https://www.suse.com/security/cve/CVE-2013-4934", }, { category: "external", summary: "SUSE Bug 831718 for CVE-2013-4934", url: "https://bugzilla.suse.com/831718", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-4934", }, { cve: "CVE-2013-4935", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4935", }, ], notes: [ { category: "general", text: "The dissect_per_length_determinant function in epan/dissectors/packet-per.c in the ASN.1 PER dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not initialize a length field in certain abnormal situations, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4935", url: "https://www.suse.com/security/cve/CVE-2013-4935", }, { category: "external", summary: "SUSE Bug 831718 for CVE-2013-4935", url: "https://bugzilla.suse.com/831718", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-4935", }, { cve: "CVE-2013-6336", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-6336", }, ], notes: [ { category: "general", text: "The ieee802154_map_rec function in epan/dissectors/packet-ieee802154.c in the IEEE 802.15.4 dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 uses an incorrect pointer chain, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-6336", url: "https://www.suse.com/security/cve/CVE-2013-6336", }, { category: "external", summary: "SUSE Bug 848738 for CVE-2013-6336", url: "https://bugzilla.suse.com/848738", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-6336", }, { cve: "CVE-2013-6337", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-6337", }, ], notes: [ { category: "general", text: "Unspecified vulnerability in the NBAP dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-6337", url: "https://www.suse.com/security/cve/CVE-2013-6337", }, { category: "external", summary: "SUSE Bug 848738 for CVE-2013-6337", url: "https://bugzilla.suse.com/848738", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-6337", }, { cve: "CVE-2013-6338", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-6338", }, ], notes: [ { category: "general", text: "The dissect_sip_common function in epan/dissectors/packet-sip.c in the SIP dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-6338", url: "https://www.suse.com/security/cve/CVE-2013-6338", }, { category: "external", summary: "SUSE Bug 848738 for CVE-2013-6338", url: "https://bugzilla.suse.com/848738", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-6338", }, { cve: "CVE-2013-6339", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-6339", }, ], notes: [ { category: "general", text: "The dissect_openwire_type function in epan/dissectors/packet-openwire.c in the OpenWire dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 allows remote attackers to cause a denial of service (loop) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-6339", url: "https://www.suse.com/security/cve/CVE-2013-6339", }, { category: "external", summary: "SUSE Bug 848738 for CVE-2013-6339", url: "https://bugzilla.suse.com/848738", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-6339", }, { cve: "CVE-2013-6340", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-6340", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-tcp.c in the TCP dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 does not properly determine the amount of remaining data, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-6340", url: "https://www.suse.com/security/cve/CVE-2013-6340", }, { category: "external", summary: "SUSE Bug 848738 for CVE-2013-6340", url: "https://bugzilla.suse.com/848738", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-6340", }, { cve: "CVE-2013-7112", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-7112", }, ], notes: [ { category: "general", text: "The dissect_sip_common function in epan/dissectors/packet-sip.c in the SIP dissector in Wireshark 1.8.x before 1.8.12 and 1.10.x before 1.10.4 does not check for empty lines, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-7112", url: "https://www.suse.com/security/cve/CVE-2013-7112", }, { category: "external", summary: "SUSE Bug 856498 for CVE-2013-7112", url: "https://bugzilla.suse.com/856498", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "important", }, ], title: "CVE-2013-7112", }, { cve: "CVE-2013-7113", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-7113", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-bssgp.c in the BSSGP dissector in Wireshark 1.10.x before 1.10.4 incorrectly relies on a global variable, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-7113", url: "https://www.suse.com/security/cve/CVE-2013-7113", }, { category: "external", summary: "SUSE Bug 856495 for CVE-2013-7113", url: "https://bugzilla.suse.com/856495", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-7113", }, { cve: "CVE-2013-7114", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-7114", }, ], notes: [ { category: "general", text: "Multiple buffer overflows in the create_ntlmssp_v2_key function in epan/dissectors/packet-ntlmssp.c in the NTLMSSP v2 dissector in Wireshark 1.8.x before 1.8.12 and 1.10.x before 1.10.4 allow remote attackers to cause a denial of service (application crash) via a long domain name in a packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-7114", url: "https://www.suse.com/security/cve/CVE-2013-7114", }, { category: "external", summary: "SUSE Bug 856496 for CVE-2013-7114", url: "https://bugzilla.suse.com/856496", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "important", }, ], title: "CVE-2013-7114", }, { cve: "CVE-2014-2281", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-2281", }, ], notes: [ { category: "general", text: "The nfs_name_snoop_add_name function in epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 does not validate a certain length value, which allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted NFS packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-2281", url: "https://www.suse.com/security/cve/CVE-2014-2281", }, { category: "external", summary: "SUSE Bug 867485 for CVE-2014-2281", url: "https://bugzilla.suse.com/867485", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2014-2281", }, { cve: "CVE-2014-2282", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-2282", }, ], notes: [ { category: "general", text: "The dissect_protocol_data_parameter function in epan/dissectors/packet-m3ua.c in the M3UA dissector in Wireshark 1.10.x before 1.10.6 does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) via a crafted SS7 MTP3 packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-2282", url: "https://www.suse.com/security/cve/CVE-2014-2282", }, { category: "external", summary: "SUSE Bug 867485 for CVE-2014-2282", url: "https://bugzilla.suse.com/867485", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2014-2282", }, { cve: "CVE-2014-2283", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-2283", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-rlc in the RLC dissector in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 uses inconsistent memory-management approaches, which allows remote attackers to cause a denial of service (use-after-free error and application crash) via a crafted UMTS Radio Link Control packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-2283", url: "https://www.suse.com/security/cve/CVE-2014-2283", }, { category: "external", summary: "SUSE Bug 867485 for CVE-2014-2283", url: "https://bugzilla.suse.com/867485", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2014-2283", }, { cve: "CVE-2014-2299", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-2299", }, ], notes: [ { category: "general", text: "Buffer overflow in the mpeg_read function in wiretap/mpeg.c in the MPEG parser in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a large record in MPEG data.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-2299", url: "https://www.suse.com/security/cve/CVE-2014-2299", }, { category: "external", summary: "SUSE Bug 867485 for CVE-2014-2299", url: "https://bugzilla.suse.com/867485", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "critical", }, ], title: "CVE-2014-2299", }, { cve: "CVE-2014-6421", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-6421", }, ], notes: [ { category: "general", text: "Use-after-free vulnerability in the SDP dissector in Wireshark 1.10.x before 1.10.10 allows remote attackers to cause a denial of service (application crash) via a crafted packet that leverages split memory ownership between the SDP and RTP dissectors.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-6421", url: "https://www.suse.com/security/cve/CVE-2014-6421", }, { category: "external", summary: "SUSE Bug 897055 for CVE-2014-6421", url: "https://bugzilla.suse.com/897055", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2014-6421", }, { cve: "CVE-2014-6422", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-6422", }, ], notes: [ { category: "general", text: "The SDP dissector in Wireshark 1.10.x before 1.10.10 creates duplicate hashtables for a media channel, which allows remote attackers to cause a denial of service (application crash) via a crafted packet to the RTP dissector.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-6422", url: "https://www.suse.com/security/cve/CVE-2014-6422", }, { category: "external", summary: "SUSE Bug 897055 for CVE-2014-6422", url: "https://bugzilla.suse.com/897055", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2014-6422", }, { cve: "CVE-2014-6423", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-6423", }, ], notes: [ { category: "general", text: "The tvb_raw_text_add function in epan/dissectors/packet-megaco.c in the MEGACO dissector in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 allows remote attackers to cause a denial of service (infinite loop) via an empty line.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-6423", url: "https://www.suse.com/security/cve/CVE-2014-6423", }, { category: "external", summary: "SUSE Bug 897055 for CVE-2014-6423", url: "https://bugzilla.suse.com/897055", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2014-6423", }, { cve: "CVE-2014-6424", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-6424", }, ], notes: [ { category: "general", text: "The dissect_v9_v10_pdu_data function in epan/dissectors/packet-netflow.c in the Netflow dissector in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 refers to incorrect offset and start variables, which allows remote attackers to cause a denial of service (uninitialized memory read and application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-6424", url: "https://www.suse.com/security/cve/CVE-2014-6424", }, { category: "external", summary: "SUSE Bug 897055 for CVE-2014-6424", url: "https://bugzilla.suse.com/897055", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2014-6424", }, { cve: "CVE-2014-6427", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-6427", }, ], notes: [ { category: "general", text: "Off-by-one error in the is_rtsp_request_or_reply function in epan/dissectors/packet-rtsp.c in the RTSP dissector in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 allows remote attackers to cause a denial of service (application crash) via a crafted packet that triggers parsing of a token located one position beyond the current position.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-6427", url: "https://www.suse.com/security/cve/CVE-2014-6427", }, { category: "external", summary: "SUSE Bug 897055 for CVE-2014-6427", url: "https://bugzilla.suse.com/897055", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2014-6427", }, { cve: "CVE-2014-6428", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-6428", }, ], notes: [ { category: "general", text: "The dissect_spdu function in epan/dissectors/packet-ses.c in the SES dissector in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 does not initialize a certain ID value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-6428", url: "https://www.suse.com/security/cve/CVE-2014-6428", }, { category: "external", summary: "SUSE Bug 897055 for CVE-2014-6428", url: "https://bugzilla.suse.com/897055", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2014-6428", }, { cve: "CVE-2014-6429", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-6429", }, ], notes: [ { category: "general", text: "The SnifferDecompress function in wiretap/ngsniffer.c in the DOS Sniffer file parser in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 does not properly handle empty input data, which allows remote attackers to cause a denial of service (application crash) via a crafted file.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-6429", url: "https://www.suse.com/security/cve/CVE-2014-6429", }, { category: "external", summary: "SUSE Bug 897055 for CVE-2014-6429", url: "https://bugzilla.suse.com/897055", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2014-6429", }, { cve: "CVE-2014-6430", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-6430", }, ], notes: [ { category: "general", text: "The SnifferDecompress function in wiretap/ngsniffer.c in the DOS Sniffer file parser in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 does not validate bitmask data, which allows remote attackers to cause a denial of service (application crash) via a crafted file.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-6430", url: "https://www.suse.com/security/cve/CVE-2014-6430", }, { category: "external", summary: "SUSE Bug 897055 for CVE-2014-6430", url: "https://bugzilla.suse.com/897055", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2014-6430", }, { cve: "CVE-2014-6431", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-6431", }, ], notes: [ { category: "general", text: "Buffer overflow in the SnifferDecompress function in wiretap/ngsniffer.c in the DOS Sniffer file parser in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 allows remote attackers to cause a denial of service (application crash) via a crafted file that triggers writes of uncompressed bytes beyond the end of the output buffer.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-6431", url: "https://www.suse.com/security/cve/CVE-2014-6431", }, { category: "external", summary: "SUSE Bug 897055 for CVE-2014-6431", url: "https://bugzilla.suse.com/897055", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2014-6431", }, { cve: "CVE-2014-6432", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-6432", }, ], notes: [ { category: "general", text: "The SnifferDecompress function in wiretap/ngsniffer.c in the DOS Sniffer file parser in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 does not prevent data overwrites during copy operations, which allows remote attackers to cause a denial of service (application crash) via a crafted file.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-6432", url: "https://www.suse.com/security/cve/CVE-2014-6432", }, { category: "external", summary: "SUSE Bug 897055 for CVE-2014-6432", url: "https://bugzilla.suse.com/897055", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2014-6432", }, { cve: "CVE-2014-8710", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-8710", }, ], notes: [ { category: "general", text: "The decompress_sigcomp_message function in epan/sigcomp-udvm.c in the SigComp UDVM dissector in Wireshark 1.10.x before 1.10.11 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-8710", url: "https://www.suse.com/security/cve/CVE-2014-8710", }, { category: "external", summary: "SUSE Bug 905246 for CVE-2014-8710", url: "https://bugzilla.suse.com/905246", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2014-8710", }, { cve: "CVE-2014-8711", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-8711", }, ], notes: [ { category: "general", text: "Multiple integer overflows in epan/dissectors/packet-amqp.c in the AMQP dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 allow remote attackers to cause a denial of service (application crash) via a crafted amqp_0_10 PDU in a packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-8711", url: "https://www.suse.com/security/cve/CVE-2014-8711", }, { category: "external", summary: "SUSE Bug 905245 for CVE-2014-8711", url: "https://bugzilla.suse.com/905245", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2014-8711", }, { cve: "CVE-2014-8712", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-8712", }, ], notes: [ { category: "general", text: "The build_expert_data function in epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-8712", url: "https://www.suse.com/security/cve/CVE-2014-8712", }, { category: "external", summary: "SUSE Bug 905248 for CVE-2014-8712", url: "https://bugzilla.suse.com/905248", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2014-8712", }, { cve: "CVE-2014-8713", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-8713", }, ], notes: [ { category: "general", text: "Stack-based buffer overflow in the build_expert_data function in epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-8713", url: "https://www.suse.com/security/cve/CVE-2014-8713", }, { category: "external", summary: "SUSE Bug 905248 for CVE-2014-8713", url: "https://bugzilla.suse.com/905248", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2014-8713", }, { cve: "CVE-2014-8714", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-8714", }, ], notes: [ { category: "general", text: "The dissect_write_structured_field function in epan/dissectors/packet-tn5250.c in the TN5250 dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-8714", url: "https://www.suse.com/security/cve/CVE-2014-8714", }, { category: "external", summary: "SUSE Bug 905247 for CVE-2014-8714", url: "https://bugzilla.suse.com/905247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2014-8714", }, { cve: "CVE-2015-0559", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-0559", }, ], notes: [ { category: "general", text: "Multiple use-after-free vulnerabilities in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 allow remote attackers to cause a denial of service (application crash) via a crafted packet, related to the use of packet-scope memory instead of pinfo-scope memory.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-0559", url: "https://www.suse.com/security/cve/CVE-2015-0559", }, { category: "external", summary: "SUSE Bug 912365 for CVE-2015-0559", url: "https://bugzilla.suse.com/912365", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2015-0559", }, { cve: "CVE-2015-0560", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-0560", }, ], notes: [ { category: "general", text: "The dissect_wccp2r1_address_table_info function in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 does not initialize certain data structures, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-0560", url: "https://www.suse.com/security/cve/CVE-2015-0560", }, { category: "external", summary: "SUSE Bug 912365 for CVE-2015-0560", url: "https://bugzilla.suse.com/912365", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2015-0560", }, { cve: "CVE-2015-0561", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-0561", }, ], notes: [ { category: "general", text: "asn1/lpp/lpp.cnf in the LPP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 does not validate a certain index value, which allows remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-0561", url: "https://www.suse.com/security/cve/CVE-2015-0561", }, { category: "external", summary: "SUSE Bug 912368 for CVE-2015-0561", url: "https://bugzilla.suse.com/912368", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2015-0561", }, { cve: "CVE-2015-0562", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-0562", }, ], notes: [ { category: "general", text: "Multiple use-after-free vulnerabilities in epan/dissectors/packet-dec-dnart.c in the DEC DNA Routing Protocol dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 allow remote attackers to cause a denial of service (application crash) via a crafted packet, related to the use of packet-scope memory instead of pinfo-scope memory.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-0562", url: "https://www.suse.com/security/cve/CVE-2015-0562", }, { category: "external", summary: "SUSE Bug 912369 for CVE-2015-0562", url: "https://bugzilla.suse.com/912369", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2015-0562", }, { cve: "CVE-2015-0563", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-0563", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-smtp.c in the SMTP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 uses an incorrect length value for certain string-append operations, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-0563", url: "https://www.suse.com/security/cve/CVE-2015-0563", }, { category: "external", summary: "SUSE Bug 912370 for CVE-2015-0563", url: "https://bugzilla.suse.com/912370", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2015-0563", }, { cve: "CVE-2015-0564", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-0564", }, ], notes: [ { category: "general", text: "Buffer underflow in the ssl_decrypt_record function in epan/dissectors/packet-ssl-utils.c in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 allows remote attackers to cause a denial of service (application crash) via a crafted packet that is improperly handled during decryption of an SSL session.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-0564", url: "https://www.suse.com/security/cve/CVE-2015-0564", }, { category: "external", summary: "SUSE Bug 912372 for CVE-2015-0564", url: "https://bugzilla.suse.com/912372", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2015-0564", }, { cve: "CVE-2015-2188", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-2188", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet that is improperly handled during decompression.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-2188", url: "https://www.suse.com/security/cve/CVE-2015-2188", }, { category: "external", summary: "SUSE Bug 920696 for CVE-2015-2188", url: "https://bugzilla.suse.com/920696", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2015-2188", }, { cve: "CVE-2015-2189", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-2189", }, ], notes: [ { category: "general", text: "Off-by-one error in the pcapng_read function in wiretap/pcapng.c in the pcapng file parser in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via an invalid Interface Statistics Block (ISB) interface ID in a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-2189", url: "https://www.suse.com/security/cve/CVE-2015-2189", }, { category: "external", summary: "SUSE Bug 920697 for CVE-2015-2189", url: "https://bugzilla.suse.com/920697", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2015-2189", }, { cve: "CVE-2015-2191", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-2191", }, ], notes: [ { category: "general", text: "Integer overflow in the dissect_tnef function in epan/dissectors/packet-tnef.c in the TNEF dissector in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted length field in a packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-2191", url: "https://www.suse.com/security/cve/CVE-2015-2191", }, { category: "external", summary: "SUSE Bug 920699 for CVE-2015-2191", url: "https://bugzilla.suse.com/920699", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2015-2191", }, { cve: "CVE-2015-3811", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-3811", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 improperly refers to previously processed bytes, which allows remote attackers to cause a denial of service (application crash) via a crafted packet, a different vulnerability than CVE-2015-2188.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-3811", url: "https://www.suse.com/security/cve/CVE-2015-3811", }, { category: "external", summary: "SUSE Bug 930689 for CVE-2015-3811", url: "https://bugzilla.suse.com/930689", }, { category: "external", summary: "SUSE Bug 930691 for CVE-2015-3811", url: "https://bugzilla.suse.com/930691", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2015-3811", }, { cve: "CVE-2015-3812", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-3812", }, ], notes: [ { category: "general", text: "Multiple memory leaks in the x11_init_protocol function in epan/dissectors/packet-x11.c in the X11 dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 allow remote attackers to cause a denial of service (memory consumption) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-3812", url: "https://www.suse.com/security/cve/CVE-2015-3812", }, { category: "external", summary: "SUSE Bug 930689 for CVE-2015-3812", url: "https://bugzilla.suse.com/930689", }, { category: "external", summary: "SUSE Bug 930691 for CVE-2015-3812", url: "https://bugzilla.suse.com/930691", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2015-3812", }, { cve: "CVE-2015-3814", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-3814", }, ], notes: [ { category: "general", text: "The (1) dissect_tfs_request and (2) dissect_tfs_response functions in epan/dissectors/packet-ieee80211.c in the IEEE 802.11 dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 interpret a zero value as a length rather than an error condition, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-3814", url: "https://www.suse.com/security/cve/CVE-2015-3814", }, { category: "external", summary: "SUSE Bug 930689 for CVE-2015-3814", url: "https://bugzilla.suse.com/930689", }, { category: "external", summary: "SUSE Bug 930691 for CVE-2015-3814", url: "https://bugzilla.suse.com/930691", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2015-3814", }, ], }
suse-su-2015:0653-1
Vulnerability from csaf_suse
Published
2014-11-14 12:53
Modified
2014-11-14 12:53
Summary
Security update for wireshark
Notes
Title of the patch
Security update for wireshark
Description of the patch
wireshark has been updated to version 1.10.11 to fix five security issues.
These security issues have been fixed:
* SigComp UDVM buffer overflow (CVE-2014-8710).
* AMQP dissector crash (CVE-2014-8711).
* NCP dissector crashes (CVE-2014-8712, CVE-2014-8713).
* TN5250 infinite loops (CVE-2014-8714).
This non-security issue has been fixed:
* enable zlib (bnc#899303).
Further bug fixes and updated protocol support as listed in:
https://www.wireshark.org/docs/relnotes/wireshark-1.10.11.html
<https://www.wireshark.org/docs/relnotes/wireshark-1.10.11.html>
Security Issues:
* CVE-2014-8711
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8711>
* CVE-2014-8710
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8710>
* CVE-2014-8714
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8714>
* CVE-2014-8712
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8712>
* CVE-2014-8713
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8713>
Patchnames
sdksp3-wireshark,sledsp3-wireshark,slessp3-wireshark
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for wireshark", title: "Title of the patch", }, { category: "description", text: "\nwireshark has been updated to version 1.10.11 to fix five security issues.\n\nThese security issues have been fixed:\n\n * SigComp UDVM buffer overflow (CVE-2014-8710).\n * AMQP dissector crash (CVE-2014-8711).\n * NCP dissector crashes (CVE-2014-8712, CVE-2014-8713).\n * TN5250 infinite loops (CVE-2014-8714).\n\nThis non-security issue has been fixed:\n\n * enable zlib (bnc#899303).\n\nFurther bug fixes and updated protocol support as listed in:\n\nhttps://www.wireshark.org/docs/relnotes/wireshark-1.10.11.html\n<https://www.wireshark.org/docs/relnotes/wireshark-1.10.11.html>\n\nSecurity Issues:\n\n * CVE-2014-8711\n <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8711>\n * CVE-2014-8710\n <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8710>\n * CVE-2014-8714\n <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8714>\n * CVE-2014-8712\n <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8712>\n * CVE-2014-8713\n <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8713>\n\n", title: "Description of the patch", }, { category: "details", text: "sdksp3-wireshark,sledsp3-wireshark,slessp3-wireshark", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2015_0653-1.json", }, { category: "self", summary: "URL for SUSE-SU-2015:0653-1", url: "https://www.suse.com/support/update/announcement/2015/suse-su-20150653-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2015:0653-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2015-April/001323.html", }, { category: "self", summary: "SUSE Bug 813217", url: "https://bugzilla.suse.com/813217", }, { category: "self", summary: "SUSE Bug 816517", url: "https://bugzilla.suse.com/816517", }, { category: "self", summary: "SUSE Bug 816887", url: "https://bugzilla.suse.com/816887", }, { category: "self", summary: "SUSE Bug 820973", url: "https://bugzilla.suse.com/820973", }, { category: "self", summary: "SUSE Bug 824900", url: "https://bugzilla.suse.com/824900", }, { category: "self", summary: "SUSE Bug 831718", url: "https://bugzilla.suse.com/831718", }, { category: "self", summary: "SUSE Bug 839607", url: "https://bugzilla.suse.com/839607", }, { category: "self", summary: "SUSE Bug 848738", url: "https://bugzilla.suse.com/848738", }, { category: "self", summary: "SUSE Bug 855980", url: "https://bugzilla.suse.com/855980", }, { category: "self", summary: "SUSE Bug 856495", url: "https://bugzilla.suse.com/856495", }, { category: "self", summary: "SUSE Bug 856496", url: "https://bugzilla.suse.com/856496", }, { category: "self", summary: "SUSE Bug 856498", url: "https://bugzilla.suse.com/856498", }, { category: "self", summary: "SUSE Bug 867485", url: "https://bugzilla.suse.com/867485", }, { category: "self", summary: "SUSE Bug 889854", url: "https://bugzilla.suse.com/889854", }, { category: "self", summary: "SUSE Bug 889899", url: "https://bugzilla.suse.com/889899", }, { category: "self", summary: "SUSE Bug 889900", url: "https://bugzilla.suse.com/889900", }, { category: "self", summary: "SUSE Bug 889901", url: "https://bugzilla.suse.com/889901", }, { category: "self", summary: "SUSE Bug 889906", url: "https://bugzilla.suse.com/889906", }, { category: "self", summary: "SUSE Bug 897055", url: "https://bugzilla.suse.com/897055", }, { category: "self", summary: "SUSE Bug 899303", url: "https://bugzilla.suse.com/899303", }, { category: "self", summary: "SUSE Bug 905245", url: "https://bugzilla.suse.com/905245", }, { category: "self", summary: "SUSE Bug 905246", url: "https://bugzilla.suse.com/905246", }, { category: "self", summary: "SUSE Bug 905247", url: "https://bugzilla.suse.com/905247", }, { category: "self", summary: "SUSE Bug 905248", url: "https://bugzilla.suse.com/905248", }, { category: "self", summary: "SUSE Bug 912365", url: "https://bugzilla.suse.com/912365", }, { category: "self", summary: "SUSE Bug 912368", url: "https://bugzilla.suse.com/912368", }, { category: "self", summary: "SUSE Bug 912369", url: "https://bugzilla.suse.com/912369", }, { category: "self", summary: "SUSE Bug 912370", url: "https://bugzilla.suse.com/912370", }, { category: "self", summary: "SUSE Bug 912372", url: "https://bugzilla.suse.com/912372", }, { category: "self", summary: "SUSE Bug 920696", url: "https://bugzilla.suse.com/920696", }, { category: "self", summary: "SUSE Bug 920697", url: "https://bugzilla.suse.com/920697", }, { category: "self", summary: "SUSE Bug 920699", url: "https://bugzilla.suse.com/920699", }, { category: "self", summary: "SUSE Bug 930691", url: "https://bugzilla.suse.com/930691", }, { category: "self", summary: "SUSE CVE CVE-2013-2486 page", url: "https://www.suse.com/security/cve/CVE-2013-2486/", }, { category: "self", summary: "SUSE CVE CVE-2013-2487 page", url: "https://www.suse.com/security/cve/CVE-2013-2487/", }, { category: "self", summary: "SUSE CVE CVE-2013-3555 page", url: "https://www.suse.com/security/cve/CVE-2013-3555/", }, { category: "self", summary: "SUSE CVE CVE-2013-3556 page", url: "https://www.suse.com/security/cve/CVE-2013-3556/", }, { category: "self", summary: "SUSE CVE CVE-2013-3557 page", url: "https://www.suse.com/security/cve/CVE-2013-3557/", }, { category: "self", summary: "SUSE CVE CVE-2013-3558 page", url: "https://www.suse.com/security/cve/CVE-2013-3558/", }, { category: "self", summary: "SUSE CVE CVE-2013-3559 page", url: "https://www.suse.com/security/cve/CVE-2013-3559/", }, { category: "self", summary: "SUSE CVE CVE-2013-3560 page", url: "https://www.suse.com/security/cve/CVE-2013-3560/", }, { category: "self", summary: "SUSE CVE CVE-2013-3561 page", url: "https://www.suse.com/security/cve/CVE-2013-3561/", }, { category: "self", summary: "SUSE CVE CVE-2013-3562 page", url: "https://www.suse.com/security/cve/CVE-2013-3562/", }, { category: "self", summary: "SUSE CVE CVE-2013-4074 page", url: "https://www.suse.com/security/cve/CVE-2013-4074/", }, { category: "self", summary: "SUSE CVE CVE-2013-4075 page", url: "https://www.suse.com/security/cve/CVE-2013-4075/", }, { category: "self", summary: "SUSE CVE CVE-2013-4076 page", url: "https://www.suse.com/security/cve/CVE-2013-4076/", }, { category: "self", summary: "SUSE CVE CVE-2013-4077 page", url: "https://www.suse.com/security/cve/CVE-2013-4077/", }, { category: "self", summary: "SUSE CVE CVE-2013-4078 page", url: "https://www.suse.com/security/cve/CVE-2013-4078/", }, { category: "self", summary: "SUSE CVE CVE-2013-4079 page", url: "https://www.suse.com/security/cve/CVE-2013-4079/", }, { category: "self", summary: "SUSE CVE CVE-2013-4080 page", url: "https://www.suse.com/security/cve/CVE-2013-4080/", }, { category: "self", summary: "SUSE CVE CVE-2013-4081 page", url: "https://www.suse.com/security/cve/CVE-2013-4081/", }, { category: "self", summary: "SUSE CVE CVE-2013-4082 page", url: "https://www.suse.com/security/cve/CVE-2013-4082/", }, { category: "self", summary: "SUSE CVE CVE-2013-4083 page", url: "https://www.suse.com/security/cve/CVE-2013-4083/", }, { category: "self", summary: "SUSE CVE CVE-2013-4929 page", url: "https://www.suse.com/security/cve/CVE-2013-4929/", }, { category: "self", summary: "SUSE CVE CVE-2013-4930 page", url: "https://www.suse.com/security/cve/CVE-2013-4930/", }, { category: "self", summary: "SUSE CVE CVE-2013-4931 page", url: "https://www.suse.com/security/cve/CVE-2013-4931/", }, { category: "self", summary: "SUSE CVE CVE-2013-4932 page", url: "https://www.suse.com/security/cve/CVE-2013-4932/", }, { category: "self", summary: "SUSE CVE CVE-2013-4933 page", url: "https://www.suse.com/security/cve/CVE-2013-4933/", }, { category: "self", summary: "SUSE CVE CVE-2013-4934 page", url: "https://www.suse.com/security/cve/CVE-2013-4934/", }, { category: "self", summary: "SUSE CVE CVE-2013-4935 page", url: "https://www.suse.com/security/cve/CVE-2013-4935/", }, { category: "self", summary: "SUSE CVE CVE-2013-6336 page", url: "https://www.suse.com/security/cve/CVE-2013-6336/", }, { category: "self", summary: "SUSE CVE CVE-2013-6337 page", url: "https://www.suse.com/security/cve/CVE-2013-6337/", }, { category: "self", summary: "SUSE CVE CVE-2013-6338 page", url: "https://www.suse.com/security/cve/CVE-2013-6338/", }, { category: "self", summary: "SUSE CVE CVE-2013-6339 page", url: "https://www.suse.com/security/cve/CVE-2013-6339/", }, { category: "self", summary: "SUSE CVE CVE-2013-6340 page", url: "https://www.suse.com/security/cve/CVE-2013-6340/", }, { category: "self", summary: "SUSE CVE CVE-2013-7112 page", url: "https://www.suse.com/security/cve/CVE-2013-7112/", }, { category: "self", summary: "SUSE CVE CVE-2013-7113 page", url: "https://www.suse.com/security/cve/CVE-2013-7113/", }, { category: "self", summary: "SUSE CVE CVE-2013-7114 page", url: "https://www.suse.com/security/cve/CVE-2013-7114/", }, { category: "self", summary: "SUSE CVE CVE-2014-2281 page", url: "https://www.suse.com/security/cve/CVE-2014-2281/", }, { category: "self", summary: "SUSE CVE CVE-2014-2282 page", url: "https://www.suse.com/security/cve/CVE-2014-2282/", }, { category: "self", summary: "SUSE CVE CVE-2014-2283 page", url: "https://www.suse.com/security/cve/CVE-2014-2283/", }, { category: "self", summary: "SUSE CVE CVE-2014-2299 page", url: "https://www.suse.com/security/cve/CVE-2014-2299/", }, { category: "self", summary: "SUSE CVE CVE-2014-6421 page", url: "https://www.suse.com/security/cve/CVE-2014-6421/", }, { category: "self", summary: "SUSE CVE CVE-2014-6422 page", url: "https://www.suse.com/security/cve/CVE-2014-6422/", }, { category: "self", summary: "SUSE CVE CVE-2014-6423 page", url: "https://www.suse.com/security/cve/CVE-2014-6423/", }, { category: "self", summary: "SUSE CVE CVE-2014-6424 page", url: "https://www.suse.com/security/cve/CVE-2014-6424/", }, { category: "self", summary: "SUSE CVE CVE-2014-6427 page", url: "https://www.suse.com/security/cve/CVE-2014-6427/", }, { category: "self", summary: "SUSE CVE CVE-2014-6428 page", url: "https://www.suse.com/security/cve/CVE-2014-6428/", }, { category: "self", summary: "SUSE CVE CVE-2014-6429 page", url: "https://www.suse.com/security/cve/CVE-2014-6429/", }, { category: "self", summary: "SUSE CVE CVE-2014-6430 page", url: "https://www.suse.com/security/cve/CVE-2014-6430/", }, { category: "self", summary: "SUSE CVE CVE-2014-6431 page", url: "https://www.suse.com/security/cve/CVE-2014-6431/", }, { category: "self", summary: "SUSE CVE CVE-2014-6432 page", url: "https://www.suse.com/security/cve/CVE-2014-6432/", }, { category: "self", summary: "SUSE CVE CVE-2014-8710 page", url: "https://www.suse.com/security/cve/CVE-2014-8710/", }, { category: "self", summary: "SUSE CVE CVE-2014-8711 page", url: "https://www.suse.com/security/cve/CVE-2014-8711/", }, { category: "self", summary: "SUSE CVE CVE-2014-8712 page", url: "https://www.suse.com/security/cve/CVE-2014-8712/", }, { category: "self", summary: "SUSE CVE CVE-2014-8713 page", url: "https://www.suse.com/security/cve/CVE-2014-8713/", }, { category: "self", summary: "SUSE CVE CVE-2014-8714 page", url: "https://www.suse.com/security/cve/CVE-2014-8714/", }, { category: "self", summary: "SUSE CVE CVE-2015-0559 page", url: "https://www.suse.com/security/cve/CVE-2015-0559/", }, { category: "self", summary: "SUSE CVE CVE-2015-0560 page", url: "https://www.suse.com/security/cve/CVE-2015-0560/", }, { category: "self", summary: "SUSE CVE CVE-2015-0561 page", url: "https://www.suse.com/security/cve/CVE-2015-0561/", }, { category: "self", summary: "SUSE CVE CVE-2015-0562 page", url: "https://www.suse.com/security/cve/CVE-2015-0562/", }, { category: "self", summary: "SUSE CVE CVE-2015-0563 page", url: "https://www.suse.com/security/cve/CVE-2015-0563/", }, { category: "self", summary: "SUSE CVE CVE-2015-0564 page", url: "https://www.suse.com/security/cve/CVE-2015-0564/", }, { category: "self", summary: "SUSE CVE CVE-2015-2188 page", url: "https://www.suse.com/security/cve/CVE-2015-2188/", }, { category: "self", summary: "SUSE CVE CVE-2015-2189 page", url: "https://www.suse.com/security/cve/CVE-2015-2189/", }, { category: "self", summary: "SUSE CVE CVE-2015-2191 page", url: "https://www.suse.com/security/cve/CVE-2015-2191/", }, { category: "self", summary: "SUSE CVE CVE-2015-3811 page", url: "https://www.suse.com/security/cve/CVE-2015-3811/", }, { category: "self", summary: "SUSE CVE CVE-2015-3812 page", url: "https://www.suse.com/security/cve/CVE-2015-3812/", }, { category: "self", summary: "SUSE CVE CVE-2015-3814 page", url: "https://www.suse.com/security/cve/CVE-2015-3814/", }, ], title: "Security update for wireshark", tracking: { current_release_date: "2014-11-14T12:53:20Z", generator: { date: "2014-11-14T12:53:20Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2015:0653-1", initial_release_date: "2014-11-14T12:53:20Z", revision_history: [ { date: "2014-11-14T12:53:20Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "wireshark-1.10.11-0.2.1.i586", product: { name: "wireshark-1.10.11-0.2.1.i586", product_id: "wireshark-1.10.11-0.2.1.i586", }, }, { category: "product_version", name: "wireshark-devel-1.10.11-0.2.1.i586", product: { name: "wireshark-devel-1.10.11-0.2.1.i586", product_id: "wireshark-devel-1.10.11-0.2.1.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "wireshark-devel-1.10.11-0.2.1.ia64", product: { name: "wireshark-devel-1.10.11-0.2.1.ia64", product_id: "wireshark-devel-1.10.11-0.2.1.ia64", }, }, { category: "product_version", name: "wireshark-1.10.11-0.2.1.ia64", product: { name: "wireshark-1.10.11-0.2.1.ia64", product_id: "wireshark-1.10.11-0.2.1.ia64", }, }, ], category: "architecture", name: "ia64", }, { branches: [ { category: "product_version", name: "wireshark-devel-1.10.11-0.2.1.ppc64", product: { name: "wireshark-devel-1.10.11-0.2.1.ppc64", product_id: "wireshark-devel-1.10.11-0.2.1.ppc64", }, }, { category: "product_version", name: "wireshark-1.10.11-0.2.1.ppc64", product: { name: "wireshark-1.10.11-0.2.1.ppc64", product_id: "wireshark-1.10.11-0.2.1.ppc64", }, }, ], category: "architecture", name: "ppc64", }, { branches: [ { category: "product_version", name: "wireshark-devel-1.10.11-0.2.1.s390x", product: { name: "wireshark-devel-1.10.11-0.2.1.s390x", product_id: "wireshark-devel-1.10.11-0.2.1.s390x", }, }, { category: "product_version", name: "wireshark-1.10.11-0.2.1.s390x", product: { name: "wireshark-1.10.11-0.2.1.s390x", product_id: "wireshark-1.10.11-0.2.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "wireshark-1.10.11-0.2.1.x86_64", product: { name: "wireshark-1.10.11-0.2.1.x86_64", product_id: "wireshark-1.10.11-0.2.1.x86_64", }, }, { category: "product_version", name: "wireshark-devel-1.10.11-0.2.1.x86_64", product: { name: "wireshark-devel-1.10.11-0.2.1.x86_64", product_id: "wireshark-devel-1.10.11-0.2.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Software Development Kit 11 SP3", product: { name: "SUSE Linux Enterprise Software Development Kit 11 SP3", product_id: "SUSE Linux Enterprise Software Development Kit 11 SP3", product_identification_helper: { cpe: "cpe:/a:suse:sle-sdk:11:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Desktop 11 SP3", product: { name: "SUSE Linux Enterprise Desktop 11 SP3", product_id: "SUSE Linux Enterprise Desktop 11 SP3", product_identification_helper: { cpe: "cpe:/o:suse:suse_sled:11:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 11 SP3", product: { name: "SUSE Linux Enterprise Server 11 SP3", product_id: "SUSE Linux Enterprise Server 11 SP3", product_identification_helper: { cpe: "cpe:/o:suse:suse_sles:11:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 11 SP3-TERADATA", product: { name: "SUSE Linux Enterprise Server 11 SP3-TERADATA", product_id: "SUSE Linux Enterprise Server 11 SP3-TERADATA", product_identification_helper: { cpe: "cpe:/o:suse:sles:11:sp3:teradata", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 11 SP3", product: { name: "SUSE Linux Enterprise Server for SAP Applications 11 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:11:sp3", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "wireshark-1.10.11-0.2.1.i586 as component of SUSE Linux Enterprise Software Development Kit 11 SP3", product_id: "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", }, product_reference: "wireshark-1.10.11-0.2.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 11 SP3", }, { category: "default_component_of", full_product_name: { name: "wireshark-1.10.11-0.2.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 11 SP3", product_id: "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", }, product_reference: "wireshark-1.10.11-0.2.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 11 SP3", }, { category: "default_component_of", full_product_name: { name: "wireshark-devel-1.10.11-0.2.1.i586 as component of SUSE Linux Enterprise Software Development Kit 11 SP3", product_id: "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", }, product_reference: "wireshark-devel-1.10.11-0.2.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 11 SP3", }, { category: "default_component_of", full_product_name: { name: "wireshark-devel-1.10.11-0.2.1.ia64 as component of SUSE Linux Enterprise Software Development Kit 11 SP3", product_id: "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", }, product_reference: "wireshark-devel-1.10.11-0.2.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 11 SP3", }, { category: "default_component_of", full_product_name: { name: "wireshark-devel-1.10.11-0.2.1.ppc64 as component of SUSE Linux Enterprise Software Development Kit 11 SP3", product_id: "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", }, product_reference: "wireshark-devel-1.10.11-0.2.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 11 SP3", }, { category: "default_component_of", full_product_name: { name: "wireshark-devel-1.10.11-0.2.1.s390x as component of SUSE Linux Enterprise Software Development Kit 11 SP3", product_id: "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", }, product_reference: "wireshark-devel-1.10.11-0.2.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 11 SP3", }, { category: "default_component_of", full_product_name: { name: "wireshark-devel-1.10.11-0.2.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 11 SP3", product_id: "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", }, product_reference: "wireshark-devel-1.10.11-0.2.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 11 SP3", }, { category: "default_component_of", full_product_name: { name: "wireshark-1.10.11-0.2.1.i586 as component of SUSE Linux Enterprise Desktop 11 SP3", product_id: "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", }, product_reference: "wireshark-1.10.11-0.2.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Desktop 11 SP3", }, { category: "default_component_of", full_product_name: { name: "wireshark-1.10.11-0.2.1.x86_64 as component of SUSE Linux Enterprise Desktop 11 SP3", product_id: "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", }, product_reference: "wireshark-1.10.11-0.2.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Desktop 11 SP3", }, { category: "default_component_of", full_product_name: { name: "wireshark-1.10.11-0.2.1.i586 as component of SUSE Linux Enterprise Server 11 SP3", product_id: "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", }, product_reference: "wireshark-1.10.11-0.2.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3", }, { category: "default_component_of", full_product_name: { name: "wireshark-1.10.11-0.2.1.ia64 as component of SUSE Linux Enterprise Server 11 SP3", product_id: "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", }, product_reference: "wireshark-1.10.11-0.2.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3", }, { category: "default_component_of", full_product_name: { name: "wireshark-1.10.11-0.2.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP3", product_id: "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", }, product_reference: "wireshark-1.10.11-0.2.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3", }, { category: "default_component_of", full_product_name: { name: "wireshark-1.10.11-0.2.1.s390x as component of SUSE Linux Enterprise Server 11 SP3", product_id: "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", }, product_reference: "wireshark-1.10.11-0.2.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3", }, { category: "default_component_of", full_product_name: { name: "wireshark-1.10.11-0.2.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3", product_id: "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", }, product_reference: "wireshark-1.10.11-0.2.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3", }, { category: "default_component_of", full_product_name: { name: "wireshark-1.10.11-0.2.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA", product_id: "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", }, product_reference: "wireshark-1.10.11-0.2.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-TERADATA", }, { category: "default_component_of", full_product_name: { name: "wireshark-1.10.11-0.2.1.ia64 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA", product_id: "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", }, product_reference: "wireshark-1.10.11-0.2.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-TERADATA", }, { category: "default_component_of", full_product_name: { name: "wireshark-1.10.11-0.2.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA", product_id: "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", }, product_reference: "wireshark-1.10.11-0.2.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-TERADATA", }, { category: "default_component_of", full_product_name: { name: "wireshark-1.10.11-0.2.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-TERADATA", product_id: "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", }, product_reference: "wireshark-1.10.11-0.2.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-TERADATA", }, { category: "default_component_of", full_product_name: { name: "wireshark-1.10.11-0.2.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA", product_id: "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", }, product_reference: "wireshark-1.10.11-0.2.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-TERADATA", }, { category: "default_component_of", full_product_name: { name: "wireshark-1.10.11-0.2.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", }, product_reference: "wireshark-1.10.11-0.2.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP3", }, { category: "default_component_of", full_product_name: { name: "wireshark-1.10.11-0.2.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", }, product_reference: "wireshark-1.10.11-0.2.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP3", }, { category: "default_component_of", full_product_name: { name: "wireshark-1.10.11-0.2.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", }, product_reference: "wireshark-1.10.11-0.2.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP3", }, { category: "default_component_of", full_product_name: { name: "wireshark-1.10.11-0.2.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", }, product_reference: "wireshark-1.10.11-0.2.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP3", }, { category: "default_component_of", full_product_name: { name: "wireshark-1.10.11-0.2.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", }, product_reference: "wireshark-1.10.11-0.2.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP3", }, ], }, vulnerabilities: [ { cve: "CVE-2013-2486", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-2486", }, ], notes: [ { category: "general", text: "The dissect_diagnosticrequest function in epan/dissectors/packet-reload.c in the REsource LOcation And Discovery (aka RELOAD) dissector in Wireshark 1.8.x before 1.8.6 uses an incorrect integer data type, which allows remote attackers to cause a denial of service (infinite loop) via crafted integer values in a packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-2486", url: "https://www.suse.com/security/cve/CVE-2013-2486", }, { category: "external", summary: "SUSE Bug 807942 for CVE-2013-2486", url: "https://bugzilla.suse.com/807942", }, { category: "external", summary: "SUSE Bug 820566 for CVE-2013-2486", url: "https://bugzilla.suse.com/820566", }, { category: "external", summary: "SUSE Bug 820973 for CVE-2013-2486", url: "https://bugzilla.suse.com/820973", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-2486", }, { cve: "CVE-2013-2487", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-2487", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-reload.c in the REsource LOcation And Discovery (aka RELOAD) dissector in Wireshark 1.8.x before 1.8.6 uses incorrect integer data types, which allows remote attackers to cause a denial of service (infinite loop) via crafted integer values in a packet, related to the (1) dissect_icecandidates, (2) dissect_kinddata, (3) dissect_nodeid_list, (4) dissect_storeans, (5) dissect_storereq, (6) dissect_storeddataspecifier, (7) dissect_fetchreq, (8) dissect_findans, (9) dissect_diagnosticinfo, (10) dissect_diagnosticresponse, (11) dissect_reload_messagecontents, and (12) dissect_reload_message functions, a different vulnerability than CVE-2013-2486.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-2487", url: "https://www.suse.com/security/cve/CVE-2013-2487", }, { category: "external", summary: "SUSE Bug 807942 for CVE-2013-2487", url: "https://bugzilla.suse.com/807942", }, { category: "external", summary: "SUSE Bug 820566 for CVE-2013-2487", url: "https://bugzilla.suse.com/820566", }, { category: "external", summary: "SUSE Bug 820973 for CVE-2013-2487", url: "https://bugzilla.suse.com/820973", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "important", }, ], title: "CVE-2013-2487", }, { cve: "CVE-2013-3555", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-3555", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-gtpv2.c in the GTPv2 dissector in Wireshark 1.8.x before 1.8.7 calls incorrect functions in certain contexts related to ciphers, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-3555", url: "https://www.suse.com/security/cve/CVE-2013-3555", }, { category: "external", summary: "SUSE Bug 820566 for CVE-2013-3555", url: "https://bugzilla.suse.com/820566", }, { category: "external", summary: "SUSE Bug 820973 for CVE-2013-3555", url: "https://bugzilla.suse.com/820973", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-3555", }, { cve: "CVE-2013-3556", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-3556", }, ], notes: [ { category: "general", text: "The fragment_add_seq_common function in epan/reassemble.c in the ASN.1 BER dissector in Wireshark before r48943 has an incorrect pointer dereference during a comparison, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-3556", url: "https://www.suse.com/security/cve/CVE-2013-3556", }, { category: "external", summary: "SUSE Bug 820566 for CVE-2013-3556", url: "https://bugzilla.suse.com/820566", }, { category: "external", summary: "SUSE Bug 820973 for CVE-2013-3556", url: "https://bugzilla.suse.com/820973", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-3556", }, { cve: "CVE-2013-3557", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-3557", }, ], notes: [ { category: "general", text: "The dissect_ber_choice function in epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.6.x before 1.6.15 and 1.8.x before 1.8.7 does not properly initialize a certain variable, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-3557", url: "https://www.suse.com/security/cve/CVE-2013-3557", }, { category: "external", summary: "SUSE Bug 820566 for CVE-2013-3557", url: "https://bugzilla.suse.com/820566", }, { category: "external", summary: "SUSE Bug 820973 for CVE-2013-3557", url: "https://bugzilla.suse.com/820973", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-3557", }, { cve: "CVE-2013-3558", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-3558", }, ], notes: [ { category: "general", text: "The dissect_ccp_bsdcomp_opt function in epan/dissectors/packet-ppp.c in the PPP CCP dissector in Wireshark 1.8.x before 1.8.7 does not terminate a bit-field list, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-3558", url: "https://www.suse.com/security/cve/CVE-2013-3558", }, { category: "external", summary: "SUSE Bug 820566 for CVE-2013-3558", url: "https://bugzilla.suse.com/820566", }, { category: "external", summary: "SUSE Bug 820973 for CVE-2013-3558", url: "https://bugzilla.suse.com/820973", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-3558", }, { cve: "CVE-2013-3559", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-3559", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.8.x before 1.8.7 uses incorrect integer data types, which allows remote attackers to cause a denial of service (integer overflow, and heap memory corruption or NULL pointer dereference, and application crash) via a malformed packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-3559", url: "https://www.suse.com/security/cve/CVE-2013-3559", }, { category: "external", summary: "SUSE Bug 820566 for CVE-2013-3559", url: "https://bugzilla.suse.com/820566", }, { category: "external", summary: "SUSE Bug 820973 for CVE-2013-3559", url: "https://bugzilla.suse.com/820973", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-3559", }, { cve: "CVE-2013-3560", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-3560", }, ], notes: [ { category: "general", text: "The dissect_dsmcc_un_download function in epan/dissectors/packet-mpeg-dsmcc.c in the MPEG DSM-CC dissector in Wireshark 1.8.x before 1.8.7 uses an incorrect format string, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-3560", url: "https://www.suse.com/security/cve/CVE-2013-3560", }, { category: "external", summary: "SUSE Bug 820566 for CVE-2013-3560", url: "https://bugzilla.suse.com/820566", }, { category: "external", summary: "SUSE Bug 820973 for CVE-2013-3560", url: "https://bugzilla.suse.com/820973", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-3560", }, { cve: "CVE-2013-3561", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-3561", }, ], notes: [ { category: "general", text: "Multiple integer overflows in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a denial of service (loop or application crash) via a malformed packet, related to a crash of the Websocket dissector, an infinite loop in the MySQL dissector, and a large loop in the ETCH dissector.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-3561", url: "https://www.suse.com/security/cve/CVE-2013-3561", }, { category: "external", summary: "SUSE Bug 820566 for CVE-2013-3561", url: "https://bugzilla.suse.com/820566", }, { category: "external", summary: "SUSE Bug 820973 for CVE-2013-3561", url: "https://bugzilla.suse.com/820973", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-3561", }, { cve: "CVE-2013-3562", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-3562", }, ], notes: [ { category: "general", text: "Multiple integer signedness errors in the tvb_unmasked function in epan/dissectors/packet-websocket.c in the Websocket dissector in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a denial of service (application crash) via a malformed packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-3562", url: "https://www.suse.com/security/cve/CVE-2013-3562", }, { category: "external", summary: "SUSE Bug 820566 for CVE-2013-3562", url: "https://bugzilla.suse.com/820566", }, { category: "external", summary: "SUSE Bug 820973 for CVE-2013-3562", url: "https://bugzilla.suse.com/820973", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-3562", }, { cve: "CVE-2013-4074", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4074", }, ], notes: [ { category: "general", text: "The dissect_capwap_data function in epan/dissectors/packet-capwap.c in the CAPWAP dissector in Wireshark 1.6.x before 1.6.16 and 1.8.x before 1.8.8 incorrectly uses a -1 data value to represent an error condition, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4074", url: "https://www.suse.com/security/cve/CVE-2013-4074", }, { category: "external", summary: "SUSE Bug 824900 for CVE-2013-4074", url: "https://bugzilla.suse.com/824900", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-4074", }, { cve: "CVE-2013-4075", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4075", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-gmr1_bcch.c in the GMR-1 BCCH dissector in Wireshark 1.8.x before 1.8.8 does not properly initialize memory, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4075", url: "https://www.suse.com/security/cve/CVE-2013-4075", }, { category: "external", summary: "SUSE Bug 824900 for CVE-2013-4075", url: "https://bugzilla.suse.com/824900", }, { category: "external", summary: "SUSE Bug 836146 for CVE-2013-4075", url: "https://bugzilla.suse.com/836146", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-4075", }, { cve: "CVE-2013-4076", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4076", }, ], notes: [ { category: "general", text: "Buffer overflow in the dissect_iphc_crtp_fh function in epan/dissectors/packet-ppp.c in the PPP dissector in Wireshark 1.8.x before 1.8.8 allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4076", url: "https://www.suse.com/security/cve/CVE-2013-4076", }, { category: "external", summary: "SUSE Bug 824900 for CVE-2013-4076", url: "https://bugzilla.suse.com/824900", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-4076", }, { cve: "CVE-2013-4077", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4077", }, ], notes: [ { category: "general", text: "Array index error in the NBAP dissector in Wireshark 1.8.x before 1.8.8 allows remote attackers to cause a denial of service (application crash) via a crafted packet, related to nbap.cnf and packet-nbap.c.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4077", url: "https://www.suse.com/security/cve/CVE-2013-4077", }, { category: "external", summary: "SUSE Bug 824900 for CVE-2013-4077", url: "https://bugzilla.suse.com/824900", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-4077", }, { cve: "CVE-2013-4078", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4078", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-rdp.c in the RDP dissector in Wireshark 1.8.x before 1.8.8 does not validate return values during checks for data availability, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4078", url: "https://www.suse.com/security/cve/CVE-2013-4078", }, { category: "external", summary: "SUSE Bug 824900 for CVE-2013-4078", url: "https://bugzilla.suse.com/824900", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-4078", }, { cve: "CVE-2013-4079", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4079", }, ], notes: [ { category: "general", text: "The dissect_schedule_message function in epan/dissectors/packet-gsm_cbch.c in the GSM CBCH dissector in Wireshark 1.8.x before 1.8.8 allows remote attackers to cause a denial of service (infinite loop and application hang) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4079", url: "https://www.suse.com/security/cve/CVE-2013-4079", }, { category: "external", summary: "SUSE Bug 824900 for CVE-2013-4079", url: "https://bugzilla.suse.com/824900", }, { category: "external", summary: "SUSE Bug 836146 for CVE-2013-4079", url: "https://bugzilla.suse.com/836146", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-4079", }, { cve: "CVE-2013-4080", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4080", }, ], notes: [ { category: "general", text: "The dissect_r3_upstreamcommand_queryconfig function in epan/dissectors/packet-assa_r3.c in the Assa Abloy R3 dissector in Wireshark 1.8.x before 1.8.8 does not properly handle a zero-length item, which allows remote attackers to cause a denial of service (infinite loop, and CPU and memory consumption) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4080", url: "https://www.suse.com/security/cve/CVE-2013-4080", }, { category: "external", summary: "SUSE Bug 824900 for CVE-2013-4080", url: "https://bugzilla.suse.com/824900", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-4080", }, { cve: "CVE-2013-4081", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4081", }, ], notes: [ { category: "general", text: "The http_payload_subdissector function in epan/dissectors/packet-http.c in the HTTP dissector in Wireshark 1.6.x before 1.6.16 and 1.8.x before 1.8.8 does not properly determine when to use a recursive approach, which allows remote attackers to cause a denial of service (stack consumption) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4081", url: "https://www.suse.com/security/cve/CVE-2013-4081", }, { category: "external", summary: "SUSE Bug 824900 for CVE-2013-4081", url: "https://bugzilla.suse.com/824900", }, { category: "external", summary: "SUSE Bug 836116 for CVE-2013-4081", url: "https://bugzilla.suse.com/836116", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-4081", }, { cve: "CVE-2013-4082", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4082", }, ], notes: [ { category: "general", text: "The vwr_read function in wiretap/vwr.c in the Ixia IxVeriWave file parser in Wireshark 1.8.x before 1.8.8 does not validate the relationship between a record length and a trailer length, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4082", url: "https://www.suse.com/security/cve/CVE-2013-4082", }, { category: "external", summary: "SUSE Bug 824900 for CVE-2013-4082", url: "https://bugzilla.suse.com/824900", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-4082", }, { cve: "CVE-2013-4083", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4083", }, ], notes: [ { category: "general", text: "The dissect_pft function in epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.6.x before 1.6.16, 1.8.x before 1.8.8, and 1.10.0 does not validate a certain fragment length value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4083", url: "https://www.suse.com/security/cve/CVE-2013-4083", }, { category: "external", summary: "SUSE Bug 824900 for CVE-2013-4083", url: "https://bugzilla.suse.com/824900", }, { category: "external", summary: "SUSE Bug 831718 for CVE-2013-4083", url: "https://bugzilla.suse.com/831718", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-4083", }, { cve: "CVE-2013-4929", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4929", }, ], notes: [ { category: "general", text: "The parseFields function in epan/dissectors/packet-dis-pdus.c in the DIS dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not terminate packet-data processing after finding zero remaining bytes, which allows remote attackers to cause a denial of service (loop) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4929", url: "https://www.suse.com/security/cve/CVE-2013-4929", }, { category: "external", summary: "SUSE Bug 831718 for CVE-2013-4929", url: "https://bugzilla.suse.com/831718", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "important", }, ], title: "CVE-2013-4929", }, { cve: "CVE-2013-4930", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4930", }, ], notes: [ { category: "general", text: "The dissect_dvbci_tpdu_hdr function in epan/dissectors/packet-dvbci.c in the DVB-CI dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not validate a certain length value before decrementing it, which allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4930", url: "https://www.suse.com/security/cve/CVE-2013-4930", }, { category: "external", summary: "SUSE Bug 831718 for CVE-2013-4930", url: "https://bugzilla.suse.com/831718", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-4930", }, { cve: "CVE-2013-4931", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4931", }, ], notes: [ { category: "general", text: "epan/proto.c in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (loop) via a crafted packet that is not properly handled by the GSM RR dissector.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4931", url: "https://www.suse.com/security/cve/CVE-2013-4931", }, { category: "external", summary: "SUSE Bug 831718 for CVE-2013-4931", url: "https://bugzilla.suse.com/831718", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-4931", }, { cve: "CVE-2013-4932", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4932", }, ], notes: [ { category: "general", text: "Multiple array index errors in epan/dissectors/packet-gsm_a_common.c in the GSM A Common dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 allow remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4932", url: "https://www.suse.com/security/cve/CVE-2013-4932", }, { category: "external", summary: "SUSE Bug 831718 for CVE-2013-4932", url: "https://bugzilla.suse.com/831718", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-4932", }, { cve: "CVE-2013-4933", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4933", }, ], notes: [ { category: "general", text: "The netmon_open function in wiretap/netmon.c in the Netmon file parser in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) via a crafted packet-trace file.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4933", url: "https://www.suse.com/security/cve/CVE-2013-4933", }, { category: "external", summary: "SUSE Bug 831718 for CVE-2013-4933", url: "https://bugzilla.suse.com/831718", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-4933", }, { cve: "CVE-2013-4934", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4934", }, ], notes: [ { category: "general", text: "The netmon_open function in wiretap/netmon.c in the Netmon file parser in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not initialize certain structure members, which allows remote attackers to cause a denial of service (application crash) via a crafted packet-trace file.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4934", url: "https://www.suse.com/security/cve/CVE-2013-4934", }, { category: "external", summary: "SUSE Bug 831718 for CVE-2013-4934", url: "https://bugzilla.suse.com/831718", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-4934", }, { cve: "CVE-2013-4935", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4935", }, ], notes: [ { category: "general", text: "The dissect_per_length_determinant function in epan/dissectors/packet-per.c in the ASN.1 PER dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not initialize a length field in certain abnormal situations, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4935", url: "https://www.suse.com/security/cve/CVE-2013-4935", }, { category: "external", summary: "SUSE Bug 831718 for CVE-2013-4935", url: "https://bugzilla.suse.com/831718", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-4935", }, { cve: "CVE-2013-6336", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-6336", }, ], notes: [ { category: "general", text: "The ieee802154_map_rec function in epan/dissectors/packet-ieee802154.c in the IEEE 802.15.4 dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 uses an incorrect pointer chain, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-6336", url: "https://www.suse.com/security/cve/CVE-2013-6336", }, { category: "external", summary: "SUSE Bug 848738 for CVE-2013-6336", url: "https://bugzilla.suse.com/848738", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-6336", }, { cve: "CVE-2013-6337", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-6337", }, ], notes: [ { category: "general", text: "Unspecified vulnerability in the NBAP dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-6337", url: "https://www.suse.com/security/cve/CVE-2013-6337", }, { category: "external", summary: "SUSE Bug 848738 for CVE-2013-6337", url: "https://bugzilla.suse.com/848738", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-6337", }, { cve: "CVE-2013-6338", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-6338", }, ], notes: [ { category: "general", text: "The dissect_sip_common function in epan/dissectors/packet-sip.c in the SIP dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-6338", url: "https://www.suse.com/security/cve/CVE-2013-6338", }, { category: "external", summary: "SUSE Bug 848738 for CVE-2013-6338", url: "https://bugzilla.suse.com/848738", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-6338", }, { cve: "CVE-2013-6339", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-6339", }, ], notes: [ { category: "general", text: "The dissect_openwire_type function in epan/dissectors/packet-openwire.c in the OpenWire dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 allows remote attackers to cause a denial of service (loop) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-6339", url: "https://www.suse.com/security/cve/CVE-2013-6339", }, { category: "external", summary: "SUSE Bug 848738 for CVE-2013-6339", url: "https://bugzilla.suse.com/848738", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-6339", }, { cve: "CVE-2013-6340", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-6340", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-tcp.c in the TCP dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 does not properly determine the amount of remaining data, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-6340", url: "https://www.suse.com/security/cve/CVE-2013-6340", }, { category: "external", summary: "SUSE Bug 848738 for CVE-2013-6340", url: "https://bugzilla.suse.com/848738", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-6340", }, { cve: "CVE-2013-7112", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-7112", }, ], notes: [ { category: "general", text: "The dissect_sip_common function in epan/dissectors/packet-sip.c in the SIP dissector in Wireshark 1.8.x before 1.8.12 and 1.10.x before 1.10.4 does not check for empty lines, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-7112", url: "https://www.suse.com/security/cve/CVE-2013-7112", }, { category: "external", summary: "SUSE Bug 856498 for CVE-2013-7112", url: "https://bugzilla.suse.com/856498", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "important", }, ], title: "CVE-2013-7112", }, { cve: "CVE-2013-7113", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-7113", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-bssgp.c in the BSSGP dissector in Wireshark 1.10.x before 1.10.4 incorrectly relies on a global variable, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-7113", url: "https://www.suse.com/security/cve/CVE-2013-7113", }, { category: "external", summary: "SUSE Bug 856495 for CVE-2013-7113", url: "https://bugzilla.suse.com/856495", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-7113", }, { cve: "CVE-2013-7114", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-7114", }, ], notes: [ { category: "general", text: "Multiple buffer overflows in the create_ntlmssp_v2_key function in epan/dissectors/packet-ntlmssp.c in the NTLMSSP v2 dissector in Wireshark 1.8.x before 1.8.12 and 1.10.x before 1.10.4 allow remote attackers to cause a denial of service (application crash) via a long domain name in a packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-7114", url: "https://www.suse.com/security/cve/CVE-2013-7114", }, { category: "external", summary: "SUSE Bug 856496 for CVE-2013-7114", url: "https://bugzilla.suse.com/856496", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "important", }, ], title: "CVE-2013-7114", }, { cve: "CVE-2014-2281", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-2281", }, ], notes: [ { category: "general", text: "The nfs_name_snoop_add_name function in epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 does not validate a certain length value, which allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted NFS packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-2281", url: "https://www.suse.com/security/cve/CVE-2014-2281", }, { category: "external", summary: "SUSE Bug 867485 for CVE-2014-2281", url: "https://bugzilla.suse.com/867485", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2014-2281", }, { cve: "CVE-2014-2282", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-2282", }, ], notes: [ { category: "general", text: "The dissect_protocol_data_parameter function in epan/dissectors/packet-m3ua.c in the M3UA dissector in Wireshark 1.10.x before 1.10.6 does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) via a crafted SS7 MTP3 packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-2282", url: "https://www.suse.com/security/cve/CVE-2014-2282", }, { category: "external", summary: "SUSE Bug 867485 for CVE-2014-2282", url: "https://bugzilla.suse.com/867485", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2014-2282", }, { cve: "CVE-2014-2283", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-2283", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-rlc in the RLC dissector in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 uses inconsistent memory-management approaches, which allows remote attackers to cause a denial of service (use-after-free error and application crash) via a crafted UMTS Radio Link Control packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-2283", url: "https://www.suse.com/security/cve/CVE-2014-2283", }, { category: "external", summary: "SUSE Bug 867485 for CVE-2014-2283", url: "https://bugzilla.suse.com/867485", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2014-2283", }, { cve: "CVE-2014-2299", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-2299", }, ], notes: [ { category: "general", text: "Buffer overflow in the mpeg_read function in wiretap/mpeg.c in the MPEG parser in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a large record in MPEG data.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-2299", url: "https://www.suse.com/security/cve/CVE-2014-2299", }, { category: "external", summary: "SUSE Bug 867485 for CVE-2014-2299", url: "https://bugzilla.suse.com/867485", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "critical", }, ], title: "CVE-2014-2299", }, { cve: "CVE-2014-6421", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-6421", }, ], notes: [ { category: "general", text: "Use-after-free vulnerability in the SDP dissector in Wireshark 1.10.x before 1.10.10 allows remote attackers to cause a denial of service (application crash) via a crafted packet that leverages split memory ownership between the SDP and RTP dissectors.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-6421", url: "https://www.suse.com/security/cve/CVE-2014-6421", }, { category: "external", summary: "SUSE Bug 897055 for CVE-2014-6421", url: "https://bugzilla.suse.com/897055", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2014-6421", }, { cve: "CVE-2014-6422", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-6422", }, ], notes: [ { category: "general", text: "The SDP dissector in Wireshark 1.10.x before 1.10.10 creates duplicate hashtables for a media channel, which allows remote attackers to cause a denial of service (application crash) via a crafted packet to the RTP dissector.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-6422", url: "https://www.suse.com/security/cve/CVE-2014-6422", }, { category: "external", summary: "SUSE Bug 897055 for CVE-2014-6422", url: "https://bugzilla.suse.com/897055", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2014-6422", }, { cve: "CVE-2014-6423", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-6423", }, ], notes: [ { category: "general", text: "The tvb_raw_text_add function in epan/dissectors/packet-megaco.c in the MEGACO dissector in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 allows remote attackers to cause a denial of service (infinite loop) via an empty line.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-6423", url: "https://www.suse.com/security/cve/CVE-2014-6423", }, { category: "external", summary: "SUSE Bug 897055 for CVE-2014-6423", url: "https://bugzilla.suse.com/897055", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2014-6423", }, { cve: "CVE-2014-6424", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-6424", }, ], notes: [ { category: "general", text: "The dissect_v9_v10_pdu_data function in epan/dissectors/packet-netflow.c in the Netflow dissector in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 refers to incorrect offset and start variables, which allows remote attackers to cause a denial of service (uninitialized memory read and application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-6424", url: "https://www.suse.com/security/cve/CVE-2014-6424", }, { category: "external", summary: "SUSE Bug 897055 for CVE-2014-6424", url: "https://bugzilla.suse.com/897055", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2014-6424", }, { cve: "CVE-2014-6427", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-6427", }, ], notes: [ { category: "general", text: "Off-by-one error in the is_rtsp_request_or_reply function in epan/dissectors/packet-rtsp.c in the RTSP dissector in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 allows remote attackers to cause a denial of service (application crash) via a crafted packet that triggers parsing of a token located one position beyond the current position.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-6427", url: "https://www.suse.com/security/cve/CVE-2014-6427", }, { category: "external", summary: "SUSE Bug 897055 for CVE-2014-6427", url: "https://bugzilla.suse.com/897055", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2014-6427", }, { cve: "CVE-2014-6428", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-6428", }, ], notes: [ { category: "general", text: "The dissect_spdu function in epan/dissectors/packet-ses.c in the SES dissector in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 does not initialize a certain ID value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-6428", url: "https://www.suse.com/security/cve/CVE-2014-6428", }, { category: "external", summary: "SUSE Bug 897055 for CVE-2014-6428", url: "https://bugzilla.suse.com/897055", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2014-6428", }, { cve: "CVE-2014-6429", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-6429", }, ], notes: [ { category: "general", text: "The SnifferDecompress function in wiretap/ngsniffer.c in the DOS Sniffer file parser in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 does not properly handle empty input data, which allows remote attackers to cause a denial of service (application crash) via a crafted file.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-6429", url: "https://www.suse.com/security/cve/CVE-2014-6429", }, { category: "external", summary: "SUSE Bug 897055 for CVE-2014-6429", url: "https://bugzilla.suse.com/897055", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2014-6429", }, { cve: "CVE-2014-6430", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-6430", }, ], notes: [ { category: "general", text: "The SnifferDecompress function in wiretap/ngsniffer.c in the DOS Sniffer file parser in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 does not validate bitmask data, which allows remote attackers to cause a denial of service (application crash) via a crafted file.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-6430", url: "https://www.suse.com/security/cve/CVE-2014-6430", }, { category: "external", summary: "SUSE Bug 897055 for CVE-2014-6430", url: "https://bugzilla.suse.com/897055", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2014-6430", }, { cve: "CVE-2014-6431", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-6431", }, ], notes: [ { category: "general", text: "Buffer overflow in the SnifferDecompress function in wiretap/ngsniffer.c in the DOS Sniffer file parser in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 allows remote attackers to cause a denial of service (application crash) via a crafted file that triggers writes of uncompressed bytes beyond the end of the output buffer.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-6431", url: "https://www.suse.com/security/cve/CVE-2014-6431", }, { category: "external", summary: "SUSE Bug 897055 for CVE-2014-6431", url: "https://bugzilla.suse.com/897055", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2014-6431", }, { cve: "CVE-2014-6432", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-6432", }, ], notes: [ { category: "general", text: "The SnifferDecompress function in wiretap/ngsniffer.c in the DOS Sniffer file parser in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 does not prevent data overwrites during copy operations, which allows remote attackers to cause a denial of service (application crash) via a crafted file.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-6432", url: "https://www.suse.com/security/cve/CVE-2014-6432", }, { category: "external", summary: "SUSE Bug 897055 for CVE-2014-6432", url: "https://bugzilla.suse.com/897055", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2014-6432", }, { cve: "CVE-2014-8710", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-8710", }, ], notes: [ { category: "general", text: "The decompress_sigcomp_message function in epan/sigcomp-udvm.c in the SigComp UDVM dissector in Wireshark 1.10.x before 1.10.11 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-8710", url: "https://www.suse.com/security/cve/CVE-2014-8710", }, { category: "external", summary: "SUSE Bug 905246 for CVE-2014-8710", url: "https://bugzilla.suse.com/905246", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2014-8710", }, { cve: "CVE-2014-8711", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-8711", }, ], notes: [ { category: "general", text: "Multiple integer overflows in epan/dissectors/packet-amqp.c in the AMQP dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 allow remote attackers to cause a denial of service (application crash) via a crafted amqp_0_10 PDU in a packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-8711", url: "https://www.suse.com/security/cve/CVE-2014-8711", }, { category: "external", summary: "SUSE Bug 905245 for CVE-2014-8711", url: "https://bugzilla.suse.com/905245", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2014-8711", }, { cve: "CVE-2014-8712", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-8712", }, ], notes: [ { category: "general", text: "The build_expert_data function in epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-8712", url: "https://www.suse.com/security/cve/CVE-2014-8712", }, { category: "external", summary: "SUSE Bug 905248 for CVE-2014-8712", url: "https://bugzilla.suse.com/905248", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2014-8712", }, { cve: "CVE-2014-8713", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-8713", }, ], notes: [ { category: "general", text: "Stack-based buffer overflow in the build_expert_data function in epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-8713", url: "https://www.suse.com/security/cve/CVE-2014-8713", }, { category: "external", summary: "SUSE Bug 905248 for CVE-2014-8713", url: "https://bugzilla.suse.com/905248", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2014-8713", }, { cve: "CVE-2014-8714", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-8714", }, ], notes: [ { category: "general", text: "The dissect_write_structured_field function in epan/dissectors/packet-tn5250.c in the TN5250 dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-8714", url: "https://www.suse.com/security/cve/CVE-2014-8714", }, { category: "external", summary: "SUSE Bug 905247 for CVE-2014-8714", url: "https://bugzilla.suse.com/905247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2014-8714", }, { cve: "CVE-2015-0559", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-0559", }, ], notes: [ { category: "general", text: "Multiple use-after-free vulnerabilities in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 allow remote attackers to cause a denial of service (application crash) via a crafted packet, related to the use of packet-scope memory instead of pinfo-scope memory.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-0559", url: "https://www.suse.com/security/cve/CVE-2015-0559", }, { category: "external", summary: "SUSE Bug 912365 for CVE-2015-0559", url: "https://bugzilla.suse.com/912365", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2015-0559", }, { cve: "CVE-2015-0560", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-0560", }, ], notes: [ { category: "general", text: "The dissect_wccp2r1_address_table_info function in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 does not initialize certain data structures, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-0560", url: "https://www.suse.com/security/cve/CVE-2015-0560", }, { category: "external", summary: "SUSE Bug 912365 for CVE-2015-0560", url: "https://bugzilla.suse.com/912365", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2015-0560", }, { cve: "CVE-2015-0561", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-0561", }, ], notes: [ { category: "general", text: "asn1/lpp/lpp.cnf in the LPP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 does not validate a certain index value, which allows remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-0561", url: "https://www.suse.com/security/cve/CVE-2015-0561", }, { category: "external", summary: "SUSE Bug 912368 for CVE-2015-0561", url: "https://bugzilla.suse.com/912368", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2015-0561", }, { cve: "CVE-2015-0562", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-0562", }, ], notes: [ { category: "general", text: "Multiple use-after-free vulnerabilities in epan/dissectors/packet-dec-dnart.c in the DEC DNA Routing Protocol dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 allow remote attackers to cause a denial of service (application crash) via a crafted packet, related to the use of packet-scope memory instead of pinfo-scope memory.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-0562", url: "https://www.suse.com/security/cve/CVE-2015-0562", }, { category: "external", summary: "SUSE Bug 912369 for CVE-2015-0562", url: "https://bugzilla.suse.com/912369", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2015-0562", }, { cve: "CVE-2015-0563", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-0563", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-smtp.c in the SMTP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 uses an incorrect length value for certain string-append operations, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-0563", url: "https://www.suse.com/security/cve/CVE-2015-0563", }, { category: "external", summary: "SUSE Bug 912370 for CVE-2015-0563", url: "https://bugzilla.suse.com/912370", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2015-0563", }, { cve: "CVE-2015-0564", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-0564", }, ], notes: [ { category: "general", text: "Buffer underflow in the ssl_decrypt_record function in epan/dissectors/packet-ssl-utils.c in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 allows remote attackers to cause a denial of service (application crash) via a crafted packet that is improperly handled during decryption of an SSL session.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-0564", url: "https://www.suse.com/security/cve/CVE-2015-0564", }, { category: "external", summary: "SUSE Bug 912372 for CVE-2015-0564", url: "https://bugzilla.suse.com/912372", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2015-0564", }, { cve: "CVE-2015-2188", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-2188", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet that is improperly handled during decompression.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-2188", url: "https://www.suse.com/security/cve/CVE-2015-2188", }, { category: "external", summary: "SUSE Bug 920696 for CVE-2015-2188", url: "https://bugzilla.suse.com/920696", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2015-2188", }, { cve: "CVE-2015-2189", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-2189", }, ], notes: [ { category: "general", text: "Off-by-one error in the pcapng_read function in wiretap/pcapng.c in the pcapng file parser in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via an invalid Interface Statistics Block (ISB) interface ID in a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-2189", url: "https://www.suse.com/security/cve/CVE-2015-2189", }, { category: "external", summary: "SUSE Bug 920697 for CVE-2015-2189", url: "https://bugzilla.suse.com/920697", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2015-2189", }, { cve: "CVE-2015-2191", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-2191", }, ], notes: [ { category: "general", text: "Integer overflow in the dissect_tnef function in epan/dissectors/packet-tnef.c in the TNEF dissector in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted length field in a packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-2191", url: "https://www.suse.com/security/cve/CVE-2015-2191", }, { category: "external", summary: "SUSE Bug 920699 for CVE-2015-2191", url: "https://bugzilla.suse.com/920699", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2015-2191", }, { cve: "CVE-2015-3811", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-3811", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 improperly refers to previously processed bytes, which allows remote attackers to cause a denial of service (application crash) via a crafted packet, a different vulnerability than CVE-2015-2188.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-3811", url: "https://www.suse.com/security/cve/CVE-2015-3811", }, { category: "external", summary: "SUSE Bug 930689 for CVE-2015-3811", url: "https://bugzilla.suse.com/930689", }, { category: "external", summary: "SUSE Bug 930691 for CVE-2015-3811", url: "https://bugzilla.suse.com/930691", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2015-3811", }, { cve: "CVE-2015-3812", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-3812", }, ], notes: [ { category: "general", text: "Multiple memory leaks in the x11_init_protocol function in epan/dissectors/packet-x11.c in the X11 dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 allow remote attackers to cause a denial of service (memory consumption) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-3812", url: "https://www.suse.com/security/cve/CVE-2015-3812", }, { category: "external", summary: "SUSE Bug 930689 for CVE-2015-3812", url: "https://bugzilla.suse.com/930689", }, { category: "external", summary: "SUSE Bug 930691 for CVE-2015-3812", url: "https://bugzilla.suse.com/930691", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2015-3812", }, { cve: "CVE-2015-3814", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-3814", }, ], notes: [ { category: "general", text: "The (1) dissect_tfs_request and (2) dissect_tfs_response functions in epan/dissectors/packet-ieee80211.c in the IEEE 802.11 dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 interpret a zero value as a length rather than an error condition, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-3814", url: "https://www.suse.com/security/cve/CVE-2015-3814", }, { category: "external", summary: "SUSE Bug 930689 for CVE-2015-3814", url: "https://bugzilla.suse.com/930689", }, { category: "external", summary: "SUSE Bug 930691 for CVE-2015-3814", url: "https://bugzilla.suse.com/930691", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2015-3814", }, ], }
suse-su-2015:1098-1
Vulnerability from csaf_suse
Published
2014-11-14 12:53
Modified
2014-11-14 12:53
Summary
Security update for wireshark
Notes
Title of the patch
Security update for wireshark
Description of the patch
wireshark has been updated to version 1.10.11 to fix five security issues.
These security issues have been fixed:
* SigComp UDVM buffer overflow (CVE-2014-8710).
* AMQP dissector crash (CVE-2014-8711).
* NCP dissector crashes (CVE-2014-8712, CVE-2014-8713).
* TN5250 infinite loops (CVE-2014-8714).
This non-security issue has been fixed:
* enable zlib (bnc#899303).
Further bug fixes and updated protocol support as listed in:
https://www.wireshark.org/docs/relnotes/wireshark-1.10.11.html
<https://www.wireshark.org/docs/relnotes/wireshark-1.10.11.html>
Security Issues:
* CVE-2014-8711
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8711>
* CVE-2014-8710
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8710>
* CVE-2014-8714
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8714>
* CVE-2014-8712
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8712>
* CVE-2014-8713
<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8713>
Patchnames
sdksp3-wireshark,sledsp3-wireshark,slessp3-wireshark
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for wireshark", title: "Title of the patch", }, { category: "description", text: "\nwireshark has been updated to version 1.10.11 to fix five security issues.\n\nThese security issues have been fixed:\n\n * SigComp UDVM buffer overflow (CVE-2014-8710).\n * AMQP dissector crash (CVE-2014-8711).\n * NCP dissector crashes (CVE-2014-8712, CVE-2014-8713).\n * TN5250 infinite loops (CVE-2014-8714).\n\nThis non-security issue has been fixed:\n\n * enable zlib (bnc#899303).\n\nFurther bug fixes and updated protocol support as listed in:\n\nhttps://www.wireshark.org/docs/relnotes/wireshark-1.10.11.html\n<https://www.wireshark.org/docs/relnotes/wireshark-1.10.11.html>\n\nSecurity Issues:\n\n * CVE-2014-8711\n <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8711>\n * CVE-2014-8710\n <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8710>\n * CVE-2014-8714\n <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8714>\n * CVE-2014-8712\n <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8712>\n * CVE-2014-8713\n <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8713>\n\n", title: "Description of the patch", }, { category: "details", text: "sdksp3-wireshark,sledsp3-wireshark,slessp3-wireshark", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2015_1098-1.json", }, { category: "self", summary: "URL for SUSE-SU-2015:1098-1", url: "https://www.suse.com/support/update/announcement/2015/suse-su-20151098-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2015:1098-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2015-June/001448.html", }, { category: "self", summary: "SUSE Bug 813217", url: "https://bugzilla.suse.com/813217", }, { category: "self", summary: "SUSE Bug 816517", url: "https://bugzilla.suse.com/816517", }, { category: "self", summary: "SUSE Bug 816887", url: "https://bugzilla.suse.com/816887", }, { category: "self", summary: "SUSE Bug 820973", url: "https://bugzilla.suse.com/820973", }, { category: "self", summary: "SUSE Bug 824900", url: "https://bugzilla.suse.com/824900", }, { category: "self", summary: "SUSE Bug 831718", url: "https://bugzilla.suse.com/831718", }, { category: "self", summary: "SUSE Bug 839607", url: "https://bugzilla.suse.com/839607", }, { category: "self", summary: "SUSE Bug 848738", url: "https://bugzilla.suse.com/848738", }, { category: "self", summary: "SUSE Bug 855980", url: "https://bugzilla.suse.com/855980", }, { category: "self", summary: "SUSE Bug 856495", url: "https://bugzilla.suse.com/856495", }, { category: "self", summary: "SUSE Bug 856496", url: "https://bugzilla.suse.com/856496", }, { category: "self", summary: "SUSE Bug 856498", url: "https://bugzilla.suse.com/856498", }, { category: "self", summary: "SUSE Bug 867485", url: "https://bugzilla.suse.com/867485", }, { category: "self", summary: "SUSE Bug 889854", url: "https://bugzilla.suse.com/889854", }, { category: "self", summary: "SUSE Bug 889899", url: "https://bugzilla.suse.com/889899", }, { category: "self", summary: "SUSE Bug 889900", url: "https://bugzilla.suse.com/889900", }, { category: "self", summary: "SUSE Bug 889901", url: "https://bugzilla.suse.com/889901", }, { category: "self", summary: "SUSE Bug 889906", url: "https://bugzilla.suse.com/889906", }, { category: "self", summary: "SUSE Bug 897055", url: "https://bugzilla.suse.com/897055", }, { category: "self", summary: "SUSE Bug 899303", url: "https://bugzilla.suse.com/899303", }, { category: "self", summary: "SUSE Bug 905245", url: "https://bugzilla.suse.com/905245", }, { category: "self", summary: "SUSE Bug 905246", url: "https://bugzilla.suse.com/905246", }, { category: "self", summary: "SUSE Bug 905247", url: "https://bugzilla.suse.com/905247", }, { category: "self", summary: "SUSE Bug 905248", url: "https://bugzilla.suse.com/905248", }, { category: "self", summary: "SUSE Bug 912365", url: "https://bugzilla.suse.com/912365", }, { category: "self", summary: "SUSE Bug 912368", url: "https://bugzilla.suse.com/912368", }, { category: "self", summary: "SUSE Bug 912369", url: "https://bugzilla.suse.com/912369", }, { category: "self", summary: "SUSE Bug 912370", url: "https://bugzilla.suse.com/912370", }, { category: "self", summary: "SUSE Bug 912372", url: "https://bugzilla.suse.com/912372", }, { category: "self", summary: "SUSE Bug 920696", url: "https://bugzilla.suse.com/920696", }, { category: "self", summary: "SUSE Bug 920697", url: "https://bugzilla.suse.com/920697", }, { category: "self", summary: "SUSE Bug 920699", url: "https://bugzilla.suse.com/920699", }, { category: "self", summary: "SUSE Bug 930691", url: "https://bugzilla.suse.com/930691", }, { category: "self", summary: "SUSE CVE CVE-2013-2486 page", url: "https://www.suse.com/security/cve/CVE-2013-2486/", }, { category: "self", summary: "SUSE CVE CVE-2013-2487 page", url: "https://www.suse.com/security/cve/CVE-2013-2487/", }, { category: "self", summary: "SUSE CVE CVE-2013-3555 page", url: "https://www.suse.com/security/cve/CVE-2013-3555/", }, { category: "self", summary: "SUSE CVE CVE-2013-3556 page", url: "https://www.suse.com/security/cve/CVE-2013-3556/", }, { category: "self", summary: "SUSE CVE CVE-2013-3557 page", url: "https://www.suse.com/security/cve/CVE-2013-3557/", }, { category: "self", summary: "SUSE CVE CVE-2013-3558 page", url: "https://www.suse.com/security/cve/CVE-2013-3558/", }, { category: "self", summary: "SUSE CVE CVE-2013-3559 page", url: "https://www.suse.com/security/cve/CVE-2013-3559/", }, { category: "self", summary: "SUSE CVE CVE-2013-3560 page", url: "https://www.suse.com/security/cve/CVE-2013-3560/", }, { category: "self", summary: "SUSE CVE CVE-2013-3561 page", url: "https://www.suse.com/security/cve/CVE-2013-3561/", }, { category: "self", summary: "SUSE CVE CVE-2013-3562 page", url: "https://www.suse.com/security/cve/CVE-2013-3562/", }, { category: "self", summary: "SUSE CVE CVE-2013-4074 page", url: "https://www.suse.com/security/cve/CVE-2013-4074/", }, { category: "self", summary: "SUSE CVE CVE-2013-4075 page", url: "https://www.suse.com/security/cve/CVE-2013-4075/", }, { category: "self", summary: "SUSE CVE CVE-2013-4076 page", url: "https://www.suse.com/security/cve/CVE-2013-4076/", }, { category: "self", summary: "SUSE CVE CVE-2013-4077 page", url: "https://www.suse.com/security/cve/CVE-2013-4077/", }, { category: "self", summary: "SUSE CVE CVE-2013-4078 page", url: "https://www.suse.com/security/cve/CVE-2013-4078/", }, { category: "self", summary: "SUSE CVE CVE-2013-4079 page", url: "https://www.suse.com/security/cve/CVE-2013-4079/", }, { category: "self", summary: "SUSE CVE CVE-2013-4080 page", url: "https://www.suse.com/security/cve/CVE-2013-4080/", }, { category: "self", summary: "SUSE CVE CVE-2013-4081 page", url: "https://www.suse.com/security/cve/CVE-2013-4081/", }, { category: "self", summary: "SUSE CVE CVE-2013-4082 page", url: "https://www.suse.com/security/cve/CVE-2013-4082/", }, { category: "self", summary: "SUSE CVE CVE-2013-4083 page", url: "https://www.suse.com/security/cve/CVE-2013-4083/", }, { category: "self", summary: "SUSE CVE CVE-2013-4929 page", url: "https://www.suse.com/security/cve/CVE-2013-4929/", }, { category: "self", summary: "SUSE CVE CVE-2013-4930 page", url: "https://www.suse.com/security/cve/CVE-2013-4930/", }, { category: "self", summary: "SUSE CVE CVE-2013-4931 page", url: "https://www.suse.com/security/cve/CVE-2013-4931/", }, { category: "self", summary: "SUSE CVE CVE-2013-4932 page", url: "https://www.suse.com/security/cve/CVE-2013-4932/", }, { category: "self", summary: "SUSE CVE CVE-2013-4933 page", url: "https://www.suse.com/security/cve/CVE-2013-4933/", }, { category: "self", summary: "SUSE CVE CVE-2013-4934 page", url: "https://www.suse.com/security/cve/CVE-2013-4934/", }, { category: "self", summary: "SUSE CVE CVE-2013-4935 page", url: "https://www.suse.com/security/cve/CVE-2013-4935/", }, { category: "self", summary: "SUSE CVE CVE-2013-6336 page", url: "https://www.suse.com/security/cve/CVE-2013-6336/", }, { category: "self", summary: "SUSE CVE CVE-2013-6337 page", url: "https://www.suse.com/security/cve/CVE-2013-6337/", }, { category: "self", summary: "SUSE CVE CVE-2013-6338 page", url: "https://www.suse.com/security/cve/CVE-2013-6338/", }, { category: "self", summary: "SUSE CVE CVE-2013-6339 page", url: "https://www.suse.com/security/cve/CVE-2013-6339/", }, { category: "self", summary: "SUSE CVE CVE-2013-6340 page", url: "https://www.suse.com/security/cve/CVE-2013-6340/", }, { category: "self", summary: "SUSE CVE CVE-2013-7112 page", url: "https://www.suse.com/security/cve/CVE-2013-7112/", }, { category: "self", summary: "SUSE CVE CVE-2013-7113 page", url: "https://www.suse.com/security/cve/CVE-2013-7113/", }, { category: "self", summary: "SUSE CVE CVE-2013-7114 page", url: "https://www.suse.com/security/cve/CVE-2013-7114/", }, { category: "self", summary: "SUSE CVE CVE-2014-2281 page", url: "https://www.suse.com/security/cve/CVE-2014-2281/", }, { category: "self", summary: "SUSE CVE CVE-2014-2282 page", url: "https://www.suse.com/security/cve/CVE-2014-2282/", }, { category: "self", summary: "SUSE CVE CVE-2014-2283 page", url: "https://www.suse.com/security/cve/CVE-2014-2283/", }, { category: "self", summary: "SUSE CVE CVE-2014-2299 page", url: "https://www.suse.com/security/cve/CVE-2014-2299/", }, { category: "self", summary: "SUSE CVE CVE-2014-6421 page", url: "https://www.suse.com/security/cve/CVE-2014-6421/", }, { category: "self", summary: "SUSE CVE CVE-2014-6422 page", url: "https://www.suse.com/security/cve/CVE-2014-6422/", }, { category: "self", summary: "SUSE CVE CVE-2014-6423 page", url: "https://www.suse.com/security/cve/CVE-2014-6423/", }, { category: "self", summary: "SUSE CVE CVE-2014-6424 page", url: "https://www.suse.com/security/cve/CVE-2014-6424/", }, { category: "self", summary: "SUSE CVE CVE-2014-6427 page", url: "https://www.suse.com/security/cve/CVE-2014-6427/", }, { category: "self", summary: "SUSE CVE CVE-2014-6428 page", url: "https://www.suse.com/security/cve/CVE-2014-6428/", }, { category: "self", summary: "SUSE CVE CVE-2014-6429 page", url: "https://www.suse.com/security/cve/CVE-2014-6429/", }, { category: "self", summary: "SUSE CVE CVE-2014-6430 page", url: "https://www.suse.com/security/cve/CVE-2014-6430/", }, { category: "self", summary: "SUSE CVE CVE-2014-6431 page", url: "https://www.suse.com/security/cve/CVE-2014-6431/", }, { category: "self", summary: "SUSE CVE CVE-2014-6432 page", url: "https://www.suse.com/security/cve/CVE-2014-6432/", }, { category: "self", summary: "SUSE CVE CVE-2014-8710 page", url: "https://www.suse.com/security/cve/CVE-2014-8710/", }, { category: "self", summary: "SUSE CVE CVE-2014-8711 page", url: "https://www.suse.com/security/cve/CVE-2014-8711/", }, { category: "self", summary: "SUSE CVE CVE-2014-8712 page", url: "https://www.suse.com/security/cve/CVE-2014-8712/", }, { category: "self", summary: "SUSE CVE CVE-2014-8713 page", url: "https://www.suse.com/security/cve/CVE-2014-8713/", }, { category: "self", summary: "SUSE CVE CVE-2014-8714 page", url: "https://www.suse.com/security/cve/CVE-2014-8714/", }, { category: "self", summary: "SUSE CVE CVE-2015-0559 page", url: "https://www.suse.com/security/cve/CVE-2015-0559/", }, { category: "self", summary: "SUSE CVE CVE-2015-0560 page", url: "https://www.suse.com/security/cve/CVE-2015-0560/", }, { category: "self", summary: "SUSE CVE CVE-2015-0561 page", url: "https://www.suse.com/security/cve/CVE-2015-0561/", }, { category: "self", summary: "SUSE CVE CVE-2015-0562 page", url: "https://www.suse.com/security/cve/CVE-2015-0562/", }, { category: "self", summary: "SUSE CVE CVE-2015-0563 page", url: "https://www.suse.com/security/cve/CVE-2015-0563/", }, { category: "self", summary: "SUSE CVE CVE-2015-0564 page", url: "https://www.suse.com/security/cve/CVE-2015-0564/", }, { category: "self", summary: "SUSE CVE CVE-2015-2188 page", url: "https://www.suse.com/security/cve/CVE-2015-2188/", }, { category: "self", summary: "SUSE CVE CVE-2015-2189 page", url: "https://www.suse.com/security/cve/CVE-2015-2189/", }, { category: "self", summary: "SUSE CVE CVE-2015-2191 page", url: "https://www.suse.com/security/cve/CVE-2015-2191/", }, { category: "self", summary: "SUSE CVE CVE-2015-3811 page", url: "https://www.suse.com/security/cve/CVE-2015-3811/", }, { category: "self", summary: "SUSE CVE CVE-2015-3812 page", url: "https://www.suse.com/security/cve/CVE-2015-3812/", }, { category: "self", summary: "SUSE CVE CVE-2015-3814 page", url: "https://www.suse.com/security/cve/CVE-2015-3814/", }, ], title: "Security update for wireshark", tracking: { current_release_date: "2014-11-14T12:53:20Z", generator: { date: "2014-11-14T12:53:20Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2015:1098-1", initial_release_date: "2014-11-14T12:53:20Z", revision_history: [ { date: "2014-11-14T12:53:20Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "wireshark-1.10.11-0.2.1.i586", product: { name: "wireshark-1.10.11-0.2.1.i586", product_id: "wireshark-1.10.11-0.2.1.i586", }, }, { category: "product_version", name: "wireshark-devel-1.10.11-0.2.1.i586", product: { name: "wireshark-devel-1.10.11-0.2.1.i586", product_id: "wireshark-devel-1.10.11-0.2.1.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "wireshark-devel-1.10.11-0.2.1.ia64", product: { name: "wireshark-devel-1.10.11-0.2.1.ia64", product_id: "wireshark-devel-1.10.11-0.2.1.ia64", }, }, { category: "product_version", name: "wireshark-1.10.11-0.2.1.ia64", product: { name: "wireshark-1.10.11-0.2.1.ia64", product_id: "wireshark-1.10.11-0.2.1.ia64", }, }, ], category: "architecture", name: "ia64", }, { branches: [ { category: "product_version", name: "wireshark-devel-1.10.11-0.2.1.ppc64", product: { name: "wireshark-devel-1.10.11-0.2.1.ppc64", product_id: "wireshark-devel-1.10.11-0.2.1.ppc64", }, }, { category: "product_version", name: "wireshark-1.10.11-0.2.1.ppc64", product: { name: "wireshark-1.10.11-0.2.1.ppc64", product_id: "wireshark-1.10.11-0.2.1.ppc64", }, }, ], category: "architecture", name: "ppc64", }, { branches: [ { category: "product_version", name: "wireshark-devel-1.10.11-0.2.1.s390x", product: { name: "wireshark-devel-1.10.11-0.2.1.s390x", product_id: "wireshark-devel-1.10.11-0.2.1.s390x", }, }, { category: "product_version", name: "wireshark-1.10.11-0.2.1.s390x", product: { name: "wireshark-1.10.11-0.2.1.s390x", product_id: "wireshark-1.10.11-0.2.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "wireshark-1.10.11-0.2.1.x86_64", product: { name: "wireshark-1.10.11-0.2.1.x86_64", product_id: "wireshark-1.10.11-0.2.1.x86_64", }, }, { category: "product_version", name: "wireshark-devel-1.10.11-0.2.1.x86_64", product: { name: "wireshark-devel-1.10.11-0.2.1.x86_64", product_id: "wireshark-devel-1.10.11-0.2.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Software Development Kit 11 SP3", product: { name: "SUSE Linux Enterprise Software Development Kit 11 SP3", product_id: "SUSE Linux Enterprise Software Development Kit 11 SP3", product_identification_helper: { cpe: "cpe:/a:suse:sle-sdk:11:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Desktop 11 SP3", product: { name: "SUSE Linux Enterprise Desktop 11 SP3", product_id: "SUSE Linux Enterprise Desktop 11 SP3", product_identification_helper: { cpe: "cpe:/o:suse:suse_sled:11:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 11 SP3", product: { name: "SUSE Linux Enterprise Server 11 SP3", product_id: "SUSE Linux Enterprise Server 11 SP3", product_identification_helper: { cpe: "cpe:/o:suse:suse_sles:11:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 11 SP3-TERADATA", product: { name: "SUSE Linux Enterprise Server 11 SP3-TERADATA", product_id: "SUSE Linux Enterprise Server 11 SP3-TERADATA", product_identification_helper: { cpe: "cpe:/o:suse:sles:11:sp3:teradata", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 11 SP3", product: { name: "SUSE Linux Enterprise Server for SAP Applications 11 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:11:sp3", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "wireshark-1.10.11-0.2.1.i586 as component of SUSE Linux Enterprise Software Development Kit 11 SP3", product_id: "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", }, product_reference: "wireshark-1.10.11-0.2.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 11 SP3", }, { category: "default_component_of", full_product_name: { name: "wireshark-1.10.11-0.2.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 11 SP3", product_id: "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", }, product_reference: "wireshark-1.10.11-0.2.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 11 SP3", }, { category: "default_component_of", full_product_name: { name: "wireshark-devel-1.10.11-0.2.1.i586 as component of SUSE Linux Enterprise Software Development Kit 11 SP3", product_id: "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", }, product_reference: "wireshark-devel-1.10.11-0.2.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 11 SP3", }, { category: "default_component_of", full_product_name: { name: "wireshark-devel-1.10.11-0.2.1.ia64 as component of SUSE Linux Enterprise Software Development Kit 11 SP3", product_id: "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", }, product_reference: "wireshark-devel-1.10.11-0.2.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 11 SP3", }, { category: "default_component_of", full_product_name: { name: "wireshark-devel-1.10.11-0.2.1.ppc64 as component of SUSE Linux Enterprise Software Development Kit 11 SP3", product_id: "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", }, product_reference: "wireshark-devel-1.10.11-0.2.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 11 SP3", }, { category: "default_component_of", full_product_name: { name: "wireshark-devel-1.10.11-0.2.1.s390x as component of SUSE Linux Enterprise Software Development Kit 11 SP3", product_id: "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", }, product_reference: "wireshark-devel-1.10.11-0.2.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 11 SP3", }, { category: "default_component_of", full_product_name: { name: "wireshark-devel-1.10.11-0.2.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 11 SP3", product_id: "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", }, product_reference: "wireshark-devel-1.10.11-0.2.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 11 SP3", }, { category: "default_component_of", full_product_name: { name: "wireshark-1.10.11-0.2.1.i586 as component of SUSE Linux Enterprise Desktop 11 SP3", product_id: "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", }, product_reference: "wireshark-1.10.11-0.2.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Desktop 11 SP3", }, { category: "default_component_of", full_product_name: { name: "wireshark-1.10.11-0.2.1.x86_64 as component of SUSE Linux Enterprise Desktop 11 SP3", product_id: "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", }, product_reference: "wireshark-1.10.11-0.2.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Desktop 11 SP3", }, { category: "default_component_of", full_product_name: { name: "wireshark-1.10.11-0.2.1.i586 as component of SUSE Linux Enterprise Server 11 SP3", product_id: "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", }, product_reference: "wireshark-1.10.11-0.2.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3", }, { category: "default_component_of", full_product_name: { name: "wireshark-1.10.11-0.2.1.ia64 as component of SUSE Linux Enterprise Server 11 SP3", product_id: "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", }, product_reference: "wireshark-1.10.11-0.2.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3", }, { category: "default_component_of", full_product_name: { name: "wireshark-1.10.11-0.2.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP3", product_id: "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", }, product_reference: "wireshark-1.10.11-0.2.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3", }, { category: "default_component_of", full_product_name: { name: "wireshark-1.10.11-0.2.1.s390x as component of SUSE Linux Enterprise Server 11 SP3", product_id: "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", }, product_reference: "wireshark-1.10.11-0.2.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3", }, { category: "default_component_of", full_product_name: { name: "wireshark-1.10.11-0.2.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3", product_id: "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", }, product_reference: "wireshark-1.10.11-0.2.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3", }, { category: "default_component_of", full_product_name: { name: "wireshark-1.10.11-0.2.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA", product_id: "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", }, product_reference: "wireshark-1.10.11-0.2.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-TERADATA", }, { category: "default_component_of", full_product_name: { name: "wireshark-1.10.11-0.2.1.ia64 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA", product_id: "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", }, product_reference: "wireshark-1.10.11-0.2.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-TERADATA", }, { category: "default_component_of", full_product_name: { name: "wireshark-1.10.11-0.2.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA", product_id: "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", }, product_reference: "wireshark-1.10.11-0.2.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-TERADATA", }, { category: "default_component_of", full_product_name: { name: "wireshark-1.10.11-0.2.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-TERADATA", product_id: "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", }, product_reference: "wireshark-1.10.11-0.2.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-TERADATA", }, { category: "default_component_of", full_product_name: { name: "wireshark-1.10.11-0.2.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA", product_id: "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", }, product_reference: "wireshark-1.10.11-0.2.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP3-TERADATA", }, { category: "default_component_of", full_product_name: { name: "wireshark-1.10.11-0.2.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", }, product_reference: "wireshark-1.10.11-0.2.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP3", }, { category: "default_component_of", full_product_name: { name: "wireshark-1.10.11-0.2.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", }, product_reference: "wireshark-1.10.11-0.2.1.ia64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP3", }, { category: "default_component_of", full_product_name: { name: "wireshark-1.10.11-0.2.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", }, product_reference: "wireshark-1.10.11-0.2.1.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP3", }, { category: "default_component_of", full_product_name: { name: "wireshark-1.10.11-0.2.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", }, product_reference: "wireshark-1.10.11-0.2.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP3", }, { category: "default_component_of", full_product_name: { name: "wireshark-1.10.11-0.2.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", }, product_reference: "wireshark-1.10.11-0.2.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 11 SP3", }, ], }, vulnerabilities: [ { cve: "CVE-2013-2486", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-2486", }, ], notes: [ { category: "general", text: "The dissect_diagnosticrequest function in epan/dissectors/packet-reload.c in the REsource LOcation And Discovery (aka RELOAD) dissector in Wireshark 1.8.x before 1.8.6 uses an incorrect integer data type, which allows remote attackers to cause a denial of service (infinite loop) via crafted integer values in a packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-2486", url: "https://www.suse.com/security/cve/CVE-2013-2486", }, { category: "external", summary: "SUSE Bug 807942 for CVE-2013-2486", url: "https://bugzilla.suse.com/807942", }, { category: "external", summary: "SUSE Bug 820566 for CVE-2013-2486", url: "https://bugzilla.suse.com/820566", }, { category: "external", summary: "SUSE Bug 820973 for CVE-2013-2486", url: "https://bugzilla.suse.com/820973", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-2486", }, { cve: "CVE-2013-2487", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-2487", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-reload.c in the REsource LOcation And Discovery (aka RELOAD) dissector in Wireshark 1.8.x before 1.8.6 uses incorrect integer data types, which allows remote attackers to cause a denial of service (infinite loop) via crafted integer values in a packet, related to the (1) dissect_icecandidates, (2) dissect_kinddata, (3) dissect_nodeid_list, (4) dissect_storeans, (5) dissect_storereq, (6) dissect_storeddataspecifier, (7) dissect_fetchreq, (8) dissect_findans, (9) dissect_diagnosticinfo, (10) dissect_diagnosticresponse, (11) dissect_reload_messagecontents, and (12) dissect_reload_message functions, a different vulnerability than CVE-2013-2486.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-2487", url: "https://www.suse.com/security/cve/CVE-2013-2487", }, { category: "external", summary: "SUSE Bug 807942 for CVE-2013-2487", url: "https://bugzilla.suse.com/807942", }, { category: "external", summary: "SUSE Bug 820566 for CVE-2013-2487", url: "https://bugzilla.suse.com/820566", }, { category: "external", summary: "SUSE Bug 820973 for CVE-2013-2487", url: "https://bugzilla.suse.com/820973", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "important", }, ], title: "CVE-2013-2487", }, { cve: "CVE-2013-3555", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-3555", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-gtpv2.c in the GTPv2 dissector in Wireshark 1.8.x before 1.8.7 calls incorrect functions in certain contexts related to ciphers, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-3555", url: "https://www.suse.com/security/cve/CVE-2013-3555", }, { category: "external", summary: "SUSE Bug 820566 for CVE-2013-3555", url: "https://bugzilla.suse.com/820566", }, { category: "external", summary: "SUSE Bug 820973 for CVE-2013-3555", url: "https://bugzilla.suse.com/820973", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-3555", }, { cve: "CVE-2013-3556", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-3556", }, ], notes: [ { category: "general", text: "The fragment_add_seq_common function in epan/reassemble.c in the ASN.1 BER dissector in Wireshark before r48943 has an incorrect pointer dereference during a comparison, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-3556", url: "https://www.suse.com/security/cve/CVE-2013-3556", }, { category: "external", summary: "SUSE Bug 820566 for CVE-2013-3556", url: "https://bugzilla.suse.com/820566", }, { category: "external", summary: "SUSE Bug 820973 for CVE-2013-3556", url: "https://bugzilla.suse.com/820973", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-3556", }, { cve: "CVE-2013-3557", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-3557", }, ], notes: [ { category: "general", text: "The dissect_ber_choice function in epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.6.x before 1.6.15 and 1.8.x before 1.8.7 does not properly initialize a certain variable, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-3557", url: "https://www.suse.com/security/cve/CVE-2013-3557", }, { category: "external", summary: "SUSE Bug 820566 for CVE-2013-3557", url: "https://bugzilla.suse.com/820566", }, { category: "external", summary: "SUSE Bug 820973 for CVE-2013-3557", url: "https://bugzilla.suse.com/820973", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-3557", }, { cve: "CVE-2013-3558", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-3558", }, ], notes: [ { category: "general", text: "The dissect_ccp_bsdcomp_opt function in epan/dissectors/packet-ppp.c in the PPP CCP dissector in Wireshark 1.8.x before 1.8.7 does not terminate a bit-field list, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-3558", url: "https://www.suse.com/security/cve/CVE-2013-3558", }, { category: "external", summary: "SUSE Bug 820566 for CVE-2013-3558", url: "https://bugzilla.suse.com/820566", }, { category: "external", summary: "SUSE Bug 820973 for CVE-2013-3558", url: "https://bugzilla.suse.com/820973", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-3558", }, { cve: "CVE-2013-3559", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-3559", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.8.x before 1.8.7 uses incorrect integer data types, which allows remote attackers to cause a denial of service (integer overflow, and heap memory corruption or NULL pointer dereference, and application crash) via a malformed packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-3559", url: "https://www.suse.com/security/cve/CVE-2013-3559", }, { category: "external", summary: "SUSE Bug 820566 for CVE-2013-3559", url: "https://bugzilla.suse.com/820566", }, { category: "external", summary: "SUSE Bug 820973 for CVE-2013-3559", url: "https://bugzilla.suse.com/820973", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-3559", }, { cve: "CVE-2013-3560", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-3560", }, ], notes: [ { category: "general", text: "The dissect_dsmcc_un_download function in epan/dissectors/packet-mpeg-dsmcc.c in the MPEG DSM-CC dissector in Wireshark 1.8.x before 1.8.7 uses an incorrect format string, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-3560", url: "https://www.suse.com/security/cve/CVE-2013-3560", }, { category: "external", summary: "SUSE Bug 820566 for CVE-2013-3560", url: "https://bugzilla.suse.com/820566", }, { category: "external", summary: "SUSE Bug 820973 for CVE-2013-3560", url: "https://bugzilla.suse.com/820973", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-3560", }, { cve: "CVE-2013-3561", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-3561", }, ], notes: [ { category: "general", text: "Multiple integer overflows in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a denial of service (loop or application crash) via a malformed packet, related to a crash of the Websocket dissector, an infinite loop in the MySQL dissector, and a large loop in the ETCH dissector.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-3561", url: "https://www.suse.com/security/cve/CVE-2013-3561", }, { category: "external", summary: "SUSE Bug 820566 for CVE-2013-3561", url: "https://bugzilla.suse.com/820566", }, { category: "external", summary: "SUSE Bug 820973 for CVE-2013-3561", url: "https://bugzilla.suse.com/820973", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-3561", }, { cve: "CVE-2013-3562", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-3562", }, ], notes: [ { category: "general", text: "Multiple integer signedness errors in the tvb_unmasked function in epan/dissectors/packet-websocket.c in the Websocket dissector in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a denial of service (application crash) via a malformed packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-3562", url: "https://www.suse.com/security/cve/CVE-2013-3562", }, { category: "external", summary: "SUSE Bug 820566 for CVE-2013-3562", url: "https://bugzilla.suse.com/820566", }, { category: "external", summary: "SUSE Bug 820973 for CVE-2013-3562", url: "https://bugzilla.suse.com/820973", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-3562", }, { cve: "CVE-2013-4074", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4074", }, ], notes: [ { category: "general", text: "The dissect_capwap_data function in epan/dissectors/packet-capwap.c in the CAPWAP dissector in Wireshark 1.6.x before 1.6.16 and 1.8.x before 1.8.8 incorrectly uses a -1 data value to represent an error condition, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4074", url: "https://www.suse.com/security/cve/CVE-2013-4074", }, { category: "external", summary: "SUSE Bug 824900 for CVE-2013-4074", url: "https://bugzilla.suse.com/824900", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-4074", }, { cve: "CVE-2013-4075", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4075", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-gmr1_bcch.c in the GMR-1 BCCH dissector in Wireshark 1.8.x before 1.8.8 does not properly initialize memory, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4075", url: "https://www.suse.com/security/cve/CVE-2013-4075", }, { category: "external", summary: "SUSE Bug 824900 for CVE-2013-4075", url: "https://bugzilla.suse.com/824900", }, { category: "external", summary: "SUSE Bug 836146 for CVE-2013-4075", url: "https://bugzilla.suse.com/836146", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-4075", }, { cve: "CVE-2013-4076", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4076", }, ], notes: [ { category: "general", text: "Buffer overflow in the dissect_iphc_crtp_fh function in epan/dissectors/packet-ppp.c in the PPP dissector in Wireshark 1.8.x before 1.8.8 allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4076", url: "https://www.suse.com/security/cve/CVE-2013-4076", }, { category: "external", summary: "SUSE Bug 824900 for CVE-2013-4076", url: "https://bugzilla.suse.com/824900", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-4076", }, { cve: "CVE-2013-4077", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4077", }, ], notes: [ { category: "general", text: "Array index error in the NBAP dissector in Wireshark 1.8.x before 1.8.8 allows remote attackers to cause a denial of service (application crash) via a crafted packet, related to nbap.cnf and packet-nbap.c.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4077", url: "https://www.suse.com/security/cve/CVE-2013-4077", }, { category: "external", summary: "SUSE Bug 824900 for CVE-2013-4077", url: "https://bugzilla.suse.com/824900", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-4077", }, { cve: "CVE-2013-4078", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4078", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-rdp.c in the RDP dissector in Wireshark 1.8.x before 1.8.8 does not validate return values during checks for data availability, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4078", url: "https://www.suse.com/security/cve/CVE-2013-4078", }, { category: "external", summary: "SUSE Bug 824900 for CVE-2013-4078", url: "https://bugzilla.suse.com/824900", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-4078", }, { cve: "CVE-2013-4079", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4079", }, ], notes: [ { category: "general", text: "The dissect_schedule_message function in epan/dissectors/packet-gsm_cbch.c in the GSM CBCH dissector in Wireshark 1.8.x before 1.8.8 allows remote attackers to cause a denial of service (infinite loop and application hang) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4079", url: "https://www.suse.com/security/cve/CVE-2013-4079", }, { category: "external", summary: "SUSE Bug 824900 for CVE-2013-4079", url: "https://bugzilla.suse.com/824900", }, { category: "external", summary: "SUSE Bug 836146 for CVE-2013-4079", url: "https://bugzilla.suse.com/836146", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-4079", }, { cve: "CVE-2013-4080", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4080", }, ], notes: [ { category: "general", text: "The dissect_r3_upstreamcommand_queryconfig function in epan/dissectors/packet-assa_r3.c in the Assa Abloy R3 dissector in Wireshark 1.8.x before 1.8.8 does not properly handle a zero-length item, which allows remote attackers to cause a denial of service (infinite loop, and CPU and memory consumption) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4080", url: "https://www.suse.com/security/cve/CVE-2013-4080", }, { category: "external", summary: "SUSE Bug 824900 for CVE-2013-4080", url: "https://bugzilla.suse.com/824900", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-4080", }, { cve: "CVE-2013-4081", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4081", }, ], notes: [ { category: "general", text: "The http_payload_subdissector function in epan/dissectors/packet-http.c in the HTTP dissector in Wireshark 1.6.x before 1.6.16 and 1.8.x before 1.8.8 does not properly determine when to use a recursive approach, which allows remote attackers to cause a denial of service (stack consumption) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4081", url: "https://www.suse.com/security/cve/CVE-2013-4081", }, { category: "external", summary: "SUSE Bug 824900 for CVE-2013-4081", url: "https://bugzilla.suse.com/824900", }, { category: "external", summary: "SUSE Bug 836116 for CVE-2013-4081", url: "https://bugzilla.suse.com/836116", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-4081", }, { cve: "CVE-2013-4082", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4082", }, ], notes: [ { category: "general", text: "The vwr_read function in wiretap/vwr.c in the Ixia IxVeriWave file parser in Wireshark 1.8.x before 1.8.8 does not validate the relationship between a record length and a trailer length, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4082", url: "https://www.suse.com/security/cve/CVE-2013-4082", }, { category: "external", summary: "SUSE Bug 824900 for CVE-2013-4082", url: "https://bugzilla.suse.com/824900", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-4082", }, { cve: "CVE-2013-4083", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4083", }, ], notes: [ { category: "general", text: "The dissect_pft function in epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.6.x before 1.6.16, 1.8.x before 1.8.8, and 1.10.0 does not validate a certain fragment length value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4083", url: "https://www.suse.com/security/cve/CVE-2013-4083", }, { category: "external", summary: "SUSE Bug 824900 for CVE-2013-4083", url: "https://bugzilla.suse.com/824900", }, { category: "external", summary: "SUSE Bug 831718 for CVE-2013-4083", url: "https://bugzilla.suse.com/831718", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-4083", }, { cve: "CVE-2013-4929", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4929", }, ], notes: [ { category: "general", text: "The parseFields function in epan/dissectors/packet-dis-pdus.c in the DIS dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not terminate packet-data processing after finding zero remaining bytes, which allows remote attackers to cause a denial of service (loop) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4929", url: "https://www.suse.com/security/cve/CVE-2013-4929", }, { category: "external", summary: "SUSE Bug 831718 for CVE-2013-4929", url: "https://bugzilla.suse.com/831718", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "important", }, ], title: "CVE-2013-4929", }, { cve: "CVE-2013-4930", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4930", }, ], notes: [ { category: "general", text: "The dissect_dvbci_tpdu_hdr function in epan/dissectors/packet-dvbci.c in the DVB-CI dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not validate a certain length value before decrementing it, which allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4930", url: "https://www.suse.com/security/cve/CVE-2013-4930", }, { category: "external", summary: "SUSE Bug 831718 for CVE-2013-4930", url: "https://bugzilla.suse.com/831718", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-4930", }, { cve: "CVE-2013-4931", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4931", }, ], notes: [ { category: "general", text: "epan/proto.c in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (loop) via a crafted packet that is not properly handled by the GSM RR dissector.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4931", url: "https://www.suse.com/security/cve/CVE-2013-4931", }, { category: "external", summary: "SUSE Bug 831718 for CVE-2013-4931", url: "https://bugzilla.suse.com/831718", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-4931", }, { cve: "CVE-2013-4932", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4932", }, ], notes: [ { category: "general", text: "Multiple array index errors in epan/dissectors/packet-gsm_a_common.c in the GSM A Common dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 allow remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4932", url: "https://www.suse.com/security/cve/CVE-2013-4932", }, { category: "external", summary: "SUSE Bug 831718 for CVE-2013-4932", url: "https://bugzilla.suse.com/831718", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-4932", }, { cve: "CVE-2013-4933", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4933", }, ], notes: [ { category: "general", text: "The netmon_open function in wiretap/netmon.c in the Netmon file parser in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) via a crafted packet-trace file.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4933", url: "https://www.suse.com/security/cve/CVE-2013-4933", }, { category: "external", summary: "SUSE Bug 831718 for CVE-2013-4933", url: "https://bugzilla.suse.com/831718", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-4933", }, { cve: "CVE-2013-4934", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4934", }, ], notes: [ { category: "general", text: "The netmon_open function in wiretap/netmon.c in the Netmon file parser in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not initialize certain structure members, which allows remote attackers to cause a denial of service (application crash) via a crafted packet-trace file.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4934", url: "https://www.suse.com/security/cve/CVE-2013-4934", }, { category: "external", summary: "SUSE Bug 831718 for CVE-2013-4934", url: "https://bugzilla.suse.com/831718", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-4934", }, { cve: "CVE-2013-4935", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4935", }, ], notes: [ { category: "general", text: "The dissect_per_length_determinant function in epan/dissectors/packet-per.c in the ASN.1 PER dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not initialize a length field in certain abnormal situations, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4935", url: "https://www.suse.com/security/cve/CVE-2013-4935", }, { category: "external", summary: "SUSE Bug 831718 for CVE-2013-4935", url: "https://bugzilla.suse.com/831718", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-4935", }, { cve: "CVE-2013-6336", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-6336", }, ], notes: [ { category: "general", text: "The ieee802154_map_rec function in epan/dissectors/packet-ieee802154.c in the IEEE 802.15.4 dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 uses an incorrect pointer chain, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-6336", url: "https://www.suse.com/security/cve/CVE-2013-6336", }, { category: "external", summary: "SUSE Bug 848738 for CVE-2013-6336", url: "https://bugzilla.suse.com/848738", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-6336", }, { cve: "CVE-2013-6337", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-6337", }, ], notes: [ { category: "general", text: "Unspecified vulnerability in the NBAP dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-6337", url: "https://www.suse.com/security/cve/CVE-2013-6337", }, { category: "external", summary: "SUSE Bug 848738 for CVE-2013-6337", url: "https://bugzilla.suse.com/848738", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-6337", }, { cve: "CVE-2013-6338", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-6338", }, ], notes: [ { category: "general", text: "The dissect_sip_common function in epan/dissectors/packet-sip.c in the SIP dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-6338", url: "https://www.suse.com/security/cve/CVE-2013-6338", }, { category: "external", summary: "SUSE Bug 848738 for CVE-2013-6338", url: "https://bugzilla.suse.com/848738", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-6338", }, { cve: "CVE-2013-6339", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-6339", }, ], notes: [ { category: "general", text: "The dissect_openwire_type function in epan/dissectors/packet-openwire.c in the OpenWire dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 allows remote attackers to cause a denial of service (loop) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-6339", url: "https://www.suse.com/security/cve/CVE-2013-6339", }, { category: "external", summary: "SUSE Bug 848738 for CVE-2013-6339", url: "https://bugzilla.suse.com/848738", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-6339", }, { cve: "CVE-2013-6340", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-6340", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-tcp.c in the TCP dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 does not properly determine the amount of remaining data, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-6340", url: "https://www.suse.com/security/cve/CVE-2013-6340", }, { category: "external", summary: "SUSE Bug 848738 for CVE-2013-6340", url: "https://bugzilla.suse.com/848738", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-6340", }, { cve: "CVE-2013-7112", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-7112", }, ], notes: [ { category: "general", text: "The dissect_sip_common function in epan/dissectors/packet-sip.c in the SIP dissector in Wireshark 1.8.x before 1.8.12 and 1.10.x before 1.10.4 does not check for empty lines, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-7112", url: "https://www.suse.com/security/cve/CVE-2013-7112", }, { category: "external", summary: "SUSE Bug 856498 for CVE-2013-7112", url: "https://bugzilla.suse.com/856498", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "important", }, ], title: "CVE-2013-7112", }, { cve: "CVE-2013-7113", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-7113", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-bssgp.c in the BSSGP dissector in Wireshark 1.10.x before 1.10.4 incorrectly relies on a global variable, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-7113", url: "https://www.suse.com/security/cve/CVE-2013-7113", }, { category: "external", summary: "SUSE Bug 856495 for CVE-2013-7113", url: "https://bugzilla.suse.com/856495", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2013-7113", }, { cve: "CVE-2013-7114", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-7114", }, ], notes: [ { category: "general", text: "Multiple buffer overflows in the create_ntlmssp_v2_key function in epan/dissectors/packet-ntlmssp.c in the NTLMSSP v2 dissector in Wireshark 1.8.x before 1.8.12 and 1.10.x before 1.10.4 allow remote attackers to cause a denial of service (application crash) via a long domain name in a packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-7114", url: "https://www.suse.com/security/cve/CVE-2013-7114", }, { category: "external", summary: "SUSE Bug 856496 for CVE-2013-7114", url: "https://bugzilla.suse.com/856496", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "important", }, ], title: "CVE-2013-7114", }, { cve: "CVE-2014-2281", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-2281", }, ], notes: [ { category: "general", text: "The nfs_name_snoop_add_name function in epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 does not validate a certain length value, which allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted NFS packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-2281", url: "https://www.suse.com/security/cve/CVE-2014-2281", }, { category: "external", summary: "SUSE Bug 867485 for CVE-2014-2281", url: "https://bugzilla.suse.com/867485", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2014-2281", }, { cve: "CVE-2014-2282", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-2282", }, ], notes: [ { category: "general", text: "The dissect_protocol_data_parameter function in epan/dissectors/packet-m3ua.c in the M3UA dissector in Wireshark 1.10.x before 1.10.6 does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) via a crafted SS7 MTP3 packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-2282", url: "https://www.suse.com/security/cve/CVE-2014-2282", }, { category: "external", summary: "SUSE Bug 867485 for CVE-2014-2282", url: "https://bugzilla.suse.com/867485", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2014-2282", }, { cve: "CVE-2014-2283", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-2283", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-rlc in the RLC dissector in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 uses inconsistent memory-management approaches, which allows remote attackers to cause a denial of service (use-after-free error and application crash) via a crafted UMTS Radio Link Control packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-2283", url: "https://www.suse.com/security/cve/CVE-2014-2283", }, { category: "external", summary: "SUSE Bug 867485 for CVE-2014-2283", url: "https://bugzilla.suse.com/867485", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2014-2283", }, { cve: "CVE-2014-2299", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-2299", }, ], notes: [ { category: "general", text: "Buffer overflow in the mpeg_read function in wiretap/mpeg.c in the MPEG parser in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a large record in MPEG data.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-2299", url: "https://www.suse.com/security/cve/CVE-2014-2299", }, { category: "external", summary: "SUSE Bug 867485 for CVE-2014-2299", url: "https://bugzilla.suse.com/867485", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "critical", }, ], title: "CVE-2014-2299", }, { cve: "CVE-2014-6421", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-6421", }, ], notes: [ { category: "general", text: "Use-after-free vulnerability in the SDP dissector in Wireshark 1.10.x before 1.10.10 allows remote attackers to cause a denial of service (application crash) via a crafted packet that leverages split memory ownership between the SDP and RTP dissectors.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-6421", url: "https://www.suse.com/security/cve/CVE-2014-6421", }, { category: "external", summary: "SUSE Bug 897055 for CVE-2014-6421", url: "https://bugzilla.suse.com/897055", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2014-6421", }, { cve: "CVE-2014-6422", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-6422", }, ], notes: [ { category: "general", text: "The SDP dissector in Wireshark 1.10.x before 1.10.10 creates duplicate hashtables for a media channel, which allows remote attackers to cause a denial of service (application crash) via a crafted packet to the RTP dissector.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-6422", url: "https://www.suse.com/security/cve/CVE-2014-6422", }, { category: "external", summary: "SUSE Bug 897055 for CVE-2014-6422", url: "https://bugzilla.suse.com/897055", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2014-6422", }, { cve: "CVE-2014-6423", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-6423", }, ], notes: [ { category: "general", text: "The tvb_raw_text_add function in epan/dissectors/packet-megaco.c in the MEGACO dissector in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 allows remote attackers to cause a denial of service (infinite loop) via an empty line.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-6423", url: "https://www.suse.com/security/cve/CVE-2014-6423", }, { category: "external", summary: "SUSE Bug 897055 for CVE-2014-6423", url: "https://bugzilla.suse.com/897055", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2014-6423", }, { cve: "CVE-2014-6424", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-6424", }, ], notes: [ { category: "general", text: "The dissect_v9_v10_pdu_data function in epan/dissectors/packet-netflow.c in the Netflow dissector in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 refers to incorrect offset and start variables, which allows remote attackers to cause a denial of service (uninitialized memory read and application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-6424", url: "https://www.suse.com/security/cve/CVE-2014-6424", }, { category: "external", summary: "SUSE Bug 897055 for CVE-2014-6424", url: "https://bugzilla.suse.com/897055", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2014-6424", }, { cve: "CVE-2014-6427", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-6427", }, ], notes: [ { category: "general", text: "Off-by-one error in the is_rtsp_request_or_reply function in epan/dissectors/packet-rtsp.c in the RTSP dissector in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 allows remote attackers to cause a denial of service (application crash) via a crafted packet that triggers parsing of a token located one position beyond the current position.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-6427", url: "https://www.suse.com/security/cve/CVE-2014-6427", }, { category: "external", summary: "SUSE Bug 897055 for CVE-2014-6427", url: "https://bugzilla.suse.com/897055", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2014-6427", }, { cve: "CVE-2014-6428", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-6428", }, ], notes: [ { category: "general", text: "The dissect_spdu function in epan/dissectors/packet-ses.c in the SES dissector in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 does not initialize a certain ID value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-6428", url: "https://www.suse.com/security/cve/CVE-2014-6428", }, { category: "external", summary: "SUSE Bug 897055 for CVE-2014-6428", url: "https://bugzilla.suse.com/897055", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2014-6428", }, { cve: "CVE-2014-6429", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-6429", }, ], notes: [ { category: "general", text: "The SnifferDecompress function in wiretap/ngsniffer.c in the DOS Sniffer file parser in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 does not properly handle empty input data, which allows remote attackers to cause a denial of service (application crash) via a crafted file.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-6429", url: "https://www.suse.com/security/cve/CVE-2014-6429", }, { category: "external", summary: "SUSE Bug 897055 for CVE-2014-6429", url: "https://bugzilla.suse.com/897055", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2014-6429", }, { cve: "CVE-2014-6430", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-6430", }, ], notes: [ { category: "general", text: "The SnifferDecompress function in wiretap/ngsniffer.c in the DOS Sniffer file parser in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 does not validate bitmask data, which allows remote attackers to cause a denial of service (application crash) via a crafted file.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-6430", url: "https://www.suse.com/security/cve/CVE-2014-6430", }, { category: "external", summary: "SUSE Bug 897055 for CVE-2014-6430", url: "https://bugzilla.suse.com/897055", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2014-6430", }, { cve: "CVE-2014-6431", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-6431", }, ], notes: [ { category: "general", text: "Buffer overflow in the SnifferDecompress function in wiretap/ngsniffer.c in the DOS Sniffer file parser in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 allows remote attackers to cause a denial of service (application crash) via a crafted file that triggers writes of uncompressed bytes beyond the end of the output buffer.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-6431", url: "https://www.suse.com/security/cve/CVE-2014-6431", }, { category: "external", summary: "SUSE Bug 897055 for CVE-2014-6431", url: "https://bugzilla.suse.com/897055", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2014-6431", }, { cve: "CVE-2014-6432", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-6432", }, ], notes: [ { category: "general", text: "The SnifferDecompress function in wiretap/ngsniffer.c in the DOS Sniffer file parser in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 does not prevent data overwrites during copy operations, which allows remote attackers to cause a denial of service (application crash) via a crafted file.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-6432", url: "https://www.suse.com/security/cve/CVE-2014-6432", }, { category: "external", summary: "SUSE Bug 897055 for CVE-2014-6432", url: "https://bugzilla.suse.com/897055", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2014-6432", }, { cve: "CVE-2014-8710", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-8710", }, ], notes: [ { category: "general", text: "The decompress_sigcomp_message function in epan/sigcomp-udvm.c in the SigComp UDVM dissector in Wireshark 1.10.x before 1.10.11 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-8710", url: "https://www.suse.com/security/cve/CVE-2014-8710", }, { category: "external", summary: "SUSE Bug 905246 for CVE-2014-8710", url: "https://bugzilla.suse.com/905246", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2014-8710", }, { cve: "CVE-2014-8711", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-8711", }, ], notes: [ { category: "general", text: "Multiple integer overflows in epan/dissectors/packet-amqp.c in the AMQP dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 allow remote attackers to cause a denial of service (application crash) via a crafted amqp_0_10 PDU in a packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-8711", url: "https://www.suse.com/security/cve/CVE-2014-8711", }, { category: "external", summary: "SUSE Bug 905245 for CVE-2014-8711", url: "https://bugzilla.suse.com/905245", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2014-8711", }, { cve: "CVE-2014-8712", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-8712", }, ], notes: [ { category: "general", text: "The build_expert_data function in epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-8712", url: "https://www.suse.com/security/cve/CVE-2014-8712", }, { category: "external", summary: "SUSE Bug 905248 for CVE-2014-8712", url: "https://bugzilla.suse.com/905248", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2014-8712", }, { cve: "CVE-2014-8713", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-8713", }, ], notes: [ { category: "general", text: "Stack-based buffer overflow in the build_expert_data function in epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-8713", url: "https://www.suse.com/security/cve/CVE-2014-8713", }, { category: "external", summary: "SUSE Bug 905248 for CVE-2014-8713", url: "https://bugzilla.suse.com/905248", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2014-8713", }, { cve: "CVE-2014-8714", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-8714", }, ], notes: [ { category: "general", text: "The dissect_write_structured_field function in epan/dissectors/packet-tn5250.c in the TN5250 dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-8714", url: "https://www.suse.com/security/cve/CVE-2014-8714", }, { category: "external", summary: "SUSE Bug 905247 for CVE-2014-8714", url: "https://bugzilla.suse.com/905247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2014-8714", }, { cve: "CVE-2015-0559", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-0559", }, ], notes: [ { category: "general", text: "Multiple use-after-free vulnerabilities in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 allow remote attackers to cause a denial of service (application crash) via a crafted packet, related to the use of packet-scope memory instead of pinfo-scope memory.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-0559", url: "https://www.suse.com/security/cve/CVE-2015-0559", }, { category: "external", summary: "SUSE Bug 912365 for CVE-2015-0559", url: "https://bugzilla.suse.com/912365", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2015-0559", }, { cve: "CVE-2015-0560", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-0560", }, ], notes: [ { category: "general", text: "The dissect_wccp2r1_address_table_info function in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 does not initialize certain data structures, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-0560", url: "https://www.suse.com/security/cve/CVE-2015-0560", }, { category: "external", summary: "SUSE Bug 912365 for CVE-2015-0560", url: "https://bugzilla.suse.com/912365", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2015-0560", }, { cve: "CVE-2015-0561", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-0561", }, ], notes: [ { category: "general", text: "asn1/lpp/lpp.cnf in the LPP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 does not validate a certain index value, which allows remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-0561", url: "https://www.suse.com/security/cve/CVE-2015-0561", }, { category: "external", summary: "SUSE Bug 912368 for CVE-2015-0561", url: "https://bugzilla.suse.com/912368", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2015-0561", }, { cve: "CVE-2015-0562", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-0562", }, ], notes: [ { category: "general", text: "Multiple use-after-free vulnerabilities in epan/dissectors/packet-dec-dnart.c in the DEC DNA Routing Protocol dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 allow remote attackers to cause a denial of service (application crash) via a crafted packet, related to the use of packet-scope memory instead of pinfo-scope memory.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-0562", url: "https://www.suse.com/security/cve/CVE-2015-0562", }, { category: "external", summary: "SUSE Bug 912369 for CVE-2015-0562", url: "https://bugzilla.suse.com/912369", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2015-0562", }, { cve: "CVE-2015-0563", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-0563", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-smtp.c in the SMTP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 uses an incorrect length value for certain string-append operations, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-0563", url: "https://www.suse.com/security/cve/CVE-2015-0563", }, { category: "external", summary: "SUSE Bug 912370 for CVE-2015-0563", url: "https://bugzilla.suse.com/912370", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2015-0563", }, { cve: "CVE-2015-0564", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-0564", }, ], notes: [ { category: "general", text: "Buffer underflow in the ssl_decrypt_record function in epan/dissectors/packet-ssl-utils.c in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 allows remote attackers to cause a denial of service (application crash) via a crafted packet that is improperly handled during decryption of an SSL session.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-0564", url: "https://www.suse.com/security/cve/CVE-2015-0564", }, { category: "external", summary: "SUSE Bug 912372 for CVE-2015-0564", url: "https://bugzilla.suse.com/912372", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2015-0564", }, { cve: "CVE-2015-2188", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-2188", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet that is improperly handled during decompression.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-2188", url: "https://www.suse.com/security/cve/CVE-2015-2188", }, { category: "external", summary: "SUSE Bug 920696 for CVE-2015-2188", url: "https://bugzilla.suse.com/920696", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2015-2188", }, { cve: "CVE-2015-2189", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-2189", }, ], notes: [ { category: "general", text: "Off-by-one error in the pcapng_read function in wiretap/pcapng.c in the pcapng file parser in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via an invalid Interface Statistics Block (ISB) interface ID in a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-2189", url: "https://www.suse.com/security/cve/CVE-2015-2189", }, { category: "external", summary: "SUSE Bug 920697 for CVE-2015-2189", url: "https://bugzilla.suse.com/920697", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2015-2189", }, { cve: "CVE-2015-2191", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-2191", }, ], notes: [ { category: "general", text: "Integer overflow in the dissect_tnef function in epan/dissectors/packet-tnef.c in the TNEF dissector in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted length field in a packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-2191", url: "https://www.suse.com/security/cve/CVE-2015-2191", }, { category: "external", summary: "SUSE Bug 920699 for CVE-2015-2191", url: "https://bugzilla.suse.com/920699", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2015-2191", }, { cve: "CVE-2015-3811", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-3811", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 improperly refers to previously processed bytes, which allows remote attackers to cause a denial of service (application crash) via a crafted packet, a different vulnerability than CVE-2015-2188.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-3811", url: "https://www.suse.com/security/cve/CVE-2015-3811", }, { category: "external", summary: "SUSE Bug 930689 for CVE-2015-3811", url: "https://bugzilla.suse.com/930689", }, { category: "external", summary: "SUSE Bug 930691 for CVE-2015-3811", url: "https://bugzilla.suse.com/930691", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2015-3811", }, { cve: "CVE-2015-3812", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-3812", }, ], notes: [ { category: "general", text: "Multiple memory leaks in the x11_init_protocol function in epan/dissectors/packet-x11.c in the X11 dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 allow remote attackers to cause a denial of service (memory consumption) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-3812", url: "https://www.suse.com/security/cve/CVE-2015-3812", }, { category: "external", summary: "SUSE Bug 930689 for CVE-2015-3812", url: "https://bugzilla.suse.com/930689", }, { category: "external", summary: "SUSE Bug 930691 for CVE-2015-3812", url: "https://bugzilla.suse.com/930691", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2015-3812", }, { cve: "CVE-2015-3814", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-3814", }, ], notes: [ { category: "general", text: "The (1) dissect_tfs_request and (2) dissect_tfs_response functions in epan/dissectors/packet-ieee80211.c in the IEEE 802.11 dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 interpret a zero value as a length rather than an error condition, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-3814", url: "https://www.suse.com/security/cve/CVE-2015-3814", }, { category: "external", summary: "SUSE Bug 930689 for CVE-2015-3814", url: "https://bugzilla.suse.com/930689", }, { category: "external", summary: "SUSE Bug 930691 for CVE-2015-3814", url: "https://bugzilla.suse.com/930691", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Desktop 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3-TERADATA:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-1.10.11-0.2.1.x86_64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.i586", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ia64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.ppc64", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.s390x", "SUSE Linux Enterprise Software Development Kit 11 SP3:wireshark-devel-1.10.11-0.2.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2014-11-14T12:53:20Z", details: "moderate", }, ], title: "CVE-2015-3814", }, ], }
suse-su-2015:0307-1
Vulnerability from csaf_suse
Published
2015-01-22 08:55
Modified
2015-01-22 08:55
Summary
Security update for wireshark
Notes
Title of the patch
Security update for wireshark
Description of the patch
This update fixes the following security issues:
- The following vulnerabilities allowed Wireshark to be crashed by
injecting a malformed packet onto the wire or by convincing someone
to read a malformed packet trace file.
+ The WCCP dissector could crash
wnpa-sec-2015-01 CVE-2015-0559 CVE-2015-0560 [boo#912365]
+ The LPP dissector could crash.
wnpa-sec-2015-02 CVE-2015-0561 [boo#912368]
+ The DEC DNA Routing Protocol dissector could crash.
wnpa-sec-2015-03 CVE-2015-0562 [boo#912369]
+ The SMTP dissector could crash.
wnpa-sec-2015-04 CVE-2015-0563 [boo#912370]
+ Wireshark could crash while decypting TLS/SSL sessions.
wnpa-sec-2015-05 CVE-2015-0564 [boo#912372]
Patchnames
SUSE-SLE-DESKTOP-12-2015-81,SUSE-SLE-SDK-12-2015-81,SUSE-SLE-SERVER-12-2015-81
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for wireshark", title: "Title of the patch", }, { category: "description", text: "\n This update fixes the following security issues:\n\n- The following vulnerabilities allowed Wireshark to be crashed by\n injecting a malformed packet onto the wire or by convincing someone\n to read a malformed packet trace file.\n + The WCCP dissector could crash\n wnpa-sec-2015-01 CVE-2015-0559 CVE-2015-0560 [boo#912365]\n + The LPP dissector could crash.\n wnpa-sec-2015-02 CVE-2015-0561 [boo#912368]\n + The DEC DNA Routing Protocol dissector could crash.\n wnpa-sec-2015-03 CVE-2015-0562 [boo#912369]\n + The SMTP dissector could crash. \n wnpa-sec-2015-04 CVE-2015-0563 [boo#912370]\n + Wireshark could crash while decypting TLS/SSL sessions.\n wnpa-sec-2015-05 CVE-2015-0564 [boo#912372]\n", title: "Description of the patch", }, { category: "details", text: "SUSE-SLE-DESKTOP-12-2015-81,SUSE-SLE-SDK-12-2015-81,SUSE-SLE-SERVER-12-2015-81", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2015_0307-1.json", }, { category: "self", summary: "URL for SUSE-SU-2015:0307-1", url: "https://www.suse.com/support/update/announcement/2015/suse-su-20150307-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2015:0307-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2015-February/001234.html", }, { category: "self", summary: "SUSE Bug 912365", url: "https://bugzilla.suse.com/912365", }, { category: "self", summary: "SUSE Bug 912368", url: "https://bugzilla.suse.com/912368", }, { category: "self", summary: "SUSE Bug 912369", url: "https://bugzilla.suse.com/912369", }, { category: "self", summary: "SUSE Bug 912370", url: "https://bugzilla.suse.com/912370", }, { category: "self", summary: "SUSE Bug 912372", url: "https://bugzilla.suse.com/912372", }, { category: "self", summary: "SUSE CVE CVE-2015-0559 page", url: "https://www.suse.com/security/cve/CVE-2015-0559/", }, { category: "self", summary: "SUSE CVE CVE-2015-0560 page", url: "https://www.suse.com/security/cve/CVE-2015-0560/", }, { category: "self", summary: "SUSE CVE CVE-2015-0561 page", url: "https://www.suse.com/security/cve/CVE-2015-0561/", }, { category: "self", summary: "SUSE CVE CVE-2015-0562 page", url: "https://www.suse.com/security/cve/CVE-2015-0562/", }, { category: "self", summary: "SUSE CVE CVE-2015-0563 page", url: "https://www.suse.com/security/cve/CVE-2015-0563/", }, { category: "self", summary: "SUSE CVE CVE-2015-0564 page", url: "https://www.suse.com/security/cve/CVE-2015-0564/", }, ], title: "Security update for wireshark", tracking: { current_release_date: "2015-01-22T08:55:12Z", generator: { date: "2015-01-22T08:55:12Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2015:0307-1", initial_release_date: "2015-01-22T08:55:12Z", revision_history: [ { date: "2015-01-22T08:55:12Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "wireshark-devel-1.10.12-4.1.ppc64le", product: { name: "wireshark-devel-1.10.12-4.1.ppc64le", product_id: "wireshark-devel-1.10.12-4.1.ppc64le", }, }, { category: "product_version", name: "wireshark-1.10.12-4.1.ppc64le", product: { name: "wireshark-1.10.12-4.1.ppc64le", product_id: "wireshark-1.10.12-4.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "wireshark-devel-1.10.12-4.1.s390x", product: { name: "wireshark-devel-1.10.12-4.1.s390x", product_id: "wireshark-devel-1.10.12-4.1.s390x", }, }, { category: "product_version", name: "wireshark-1.10.12-4.1.s390x", product: { name: "wireshark-1.10.12-4.1.s390x", product_id: "wireshark-1.10.12-4.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "wireshark-1.10.12-4.1.x86_64", product: { name: "wireshark-1.10.12-4.1.x86_64", product_id: "wireshark-1.10.12-4.1.x86_64", }, }, { category: "product_version", name: "wireshark-devel-1.10.12-4.1.x86_64", product: { name: "wireshark-devel-1.10.12-4.1.x86_64", product_id: "wireshark-devel-1.10.12-4.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Desktop 12", product: { name: "SUSE Linux Enterprise Desktop 12", product_id: "SUSE Linux Enterprise Desktop 12", product_identification_helper: { cpe: "cpe:/o:suse:sled:12", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Software Development Kit 12", product: { name: "SUSE Linux Enterprise Software Development Kit 12", product_id: "SUSE Linux Enterprise Software Development Kit 12", product_identification_helper: { cpe: "cpe:/o:suse:sle-sdk:12", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 12", product: { name: "SUSE Linux Enterprise Server 12", product_id: "SUSE Linux Enterprise Server 12", product_identification_helper: { cpe: "cpe:/o:suse:sles:12", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 12", product: { name: "SUSE Linux Enterprise Server for SAP Applications 12", product_id: "SUSE Linux Enterprise Server for SAP Applications 12", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:12", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "wireshark-1.10.12-4.1.x86_64 as component of SUSE Linux Enterprise Desktop 12", product_id: "SUSE Linux Enterprise Desktop 12:wireshark-1.10.12-4.1.x86_64", }, product_reference: "wireshark-1.10.12-4.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Desktop 12", }, { category: "default_component_of", full_product_name: { name: "wireshark-devel-1.10.12-4.1.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12", product_id: "SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.10.12-4.1.ppc64le", }, product_reference: "wireshark-devel-1.10.12-4.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 12", }, { category: "default_component_of", full_product_name: { name: "wireshark-devel-1.10.12-4.1.s390x as component of SUSE Linux Enterprise Software Development Kit 12", product_id: "SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.10.12-4.1.s390x", }, product_reference: "wireshark-devel-1.10.12-4.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 12", }, { category: "default_component_of", full_product_name: { name: "wireshark-devel-1.10.12-4.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12", product_id: "SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.10.12-4.1.x86_64", }, product_reference: "wireshark-devel-1.10.12-4.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 12", }, { category: "default_component_of", full_product_name: { name: "wireshark-1.10.12-4.1.ppc64le as component of SUSE Linux Enterprise Server 12", product_id: "SUSE Linux Enterprise Server 12:wireshark-1.10.12-4.1.ppc64le", }, product_reference: "wireshark-1.10.12-4.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12", }, { category: "default_component_of", full_product_name: { name: "wireshark-1.10.12-4.1.s390x as component of SUSE Linux Enterprise Server 12", product_id: "SUSE Linux Enterprise Server 12:wireshark-1.10.12-4.1.s390x", }, product_reference: "wireshark-1.10.12-4.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12", }, { category: "default_component_of", full_product_name: { name: "wireshark-1.10.12-4.1.x86_64 as component of SUSE Linux Enterprise Server 12", product_id: "SUSE Linux Enterprise Server 12:wireshark-1.10.12-4.1.x86_64", }, product_reference: "wireshark-1.10.12-4.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12", }, { category: "default_component_of", full_product_name: { name: "wireshark-1.10.12-4.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12", product_id: "SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.10.12-4.1.ppc64le", }, product_reference: "wireshark-1.10.12-4.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12", }, { category: "default_component_of", full_product_name: { name: "wireshark-1.10.12-4.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12", product_id: "SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.10.12-4.1.s390x", }, product_reference: "wireshark-1.10.12-4.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12", }, { category: "default_component_of", full_product_name: { name: "wireshark-1.10.12-4.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12", product_id: "SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.10.12-4.1.x86_64", }, product_reference: "wireshark-1.10.12-4.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12", }, ], }, vulnerabilities: [ { cve: "CVE-2015-0559", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-0559", }, ], notes: [ { category: "general", text: "Multiple use-after-free vulnerabilities in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 allow remote attackers to cause a denial of service (application crash) via a crafted packet, related to the use of packet-scope memory instead of pinfo-scope memory.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12:wireshark-1.10.12-4.1.x86_64", "SUSE Linux Enterprise Server 12:wireshark-1.10.12-4.1.ppc64le", "SUSE Linux Enterprise Server 12:wireshark-1.10.12-4.1.s390x", "SUSE Linux Enterprise Server 12:wireshark-1.10.12-4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.10.12-4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.10.12-4.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.10.12-4.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.10.12-4.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.10.12-4.1.s390x", "SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.10.12-4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-0559", url: "https://www.suse.com/security/cve/CVE-2015-0559", }, { category: "external", summary: "SUSE Bug 912365 for CVE-2015-0559", url: "https://bugzilla.suse.com/912365", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12:wireshark-1.10.12-4.1.x86_64", "SUSE Linux Enterprise Server 12:wireshark-1.10.12-4.1.ppc64le", "SUSE Linux Enterprise Server 12:wireshark-1.10.12-4.1.s390x", "SUSE Linux Enterprise Server 12:wireshark-1.10.12-4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.10.12-4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.10.12-4.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.10.12-4.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.10.12-4.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.10.12-4.1.s390x", "SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.10.12-4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2015-01-22T08:55:12Z", details: "moderate", }, ], title: "CVE-2015-0559", }, { cve: "CVE-2015-0560", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-0560", }, ], notes: [ { category: "general", text: "The dissect_wccp2r1_address_table_info function in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 does not initialize certain data structures, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12:wireshark-1.10.12-4.1.x86_64", "SUSE Linux Enterprise Server 12:wireshark-1.10.12-4.1.ppc64le", "SUSE Linux Enterprise Server 12:wireshark-1.10.12-4.1.s390x", "SUSE Linux Enterprise Server 12:wireshark-1.10.12-4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.10.12-4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.10.12-4.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.10.12-4.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.10.12-4.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.10.12-4.1.s390x", "SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.10.12-4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-0560", url: "https://www.suse.com/security/cve/CVE-2015-0560", }, { category: "external", summary: "SUSE Bug 912365 for CVE-2015-0560", url: "https://bugzilla.suse.com/912365", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12:wireshark-1.10.12-4.1.x86_64", "SUSE Linux Enterprise Server 12:wireshark-1.10.12-4.1.ppc64le", "SUSE Linux Enterprise Server 12:wireshark-1.10.12-4.1.s390x", "SUSE Linux Enterprise Server 12:wireshark-1.10.12-4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.10.12-4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.10.12-4.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.10.12-4.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.10.12-4.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.10.12-4.1.s390x", "SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.10.12-4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2015-01-22T08:55:12Z", details: "moderate", }, ], title: "CVE-2015-0560", }, { cve: "CVE-2015-0561", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-0561", }, ], notes: [ { category: "general", text: "asn1/lpp/lpp.cnf in the LPP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 does not validate a certain index value, which allows remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12:wireshark-1.10.12-4.1.x86_64", "SUSE Linux Enterprise Server 12:wireshark-1.10.12-4.1.ppc64le", "SUSE Linux Enterprise Server 12:wireshark-1.10.12-4.1.s390x", "SUSE Linux Enterprise Server 12:wireshark-1.10.12-4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.10.12-4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.10.12-4.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.10.12-4.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.10.12-4.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.10.12-4.1.s390x", "SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.10.12-4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-0561", url: "https://www.suse.com/security/cve/CVE-2015-0561", }, { category: "external", summary: "SUSE Bug 912368 for CVE-2015-0561", url: "https://bugzilla.suse.com/912368", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12:wireshark-1.10.12-4.1.x86_64", "SUSE Linux Enterprise Server 12:wireshark-1.10.12-4.1.ppc64le", "SUSE Linux Enterprise Server 12:wireshark-1.10.12-4.1.s390x", "SUSE Linux Enterprise Server 12:wireshark-1.10.12-4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.10.12-4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.10.12-4.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.10.12-4.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.10.12-4.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.10.12-4.1.s390x", "SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.10.12-4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2015-01-22T08:55:12Z", details: "moderate", }, ], title: "CVE-2015-0561", }, { cve: "CVE-2015-0562", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-0562", }, ], notes: [ { category: "general", text: "Multiple use-after-free vulnerabilities in epan/dissectors/packet-dec-dnart.c in the DEC DNA Routing Protocol dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 allow remote attackers to cause a denial of service (application crash) via a crafted packet, related to the use of packet-scope memory instead of pinfo-scope memory.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12:wireshark-1.10.12-4.1.x86_64", "SUSE Linux Enterprise Server 12:wireshark-1.10.12-4.1.ppc64le", "SUSE Linux Enterprise Server 12:wireshark-1.10.12-4.1.s390x", "SUSE Linux Enterprise Server 12:wireshark-1.10.12-4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.10.12-4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.10.12-4.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.10.12-4.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.10.12-4.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.10.12-4.1.s390x", "SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.10.12-4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-0562", url: "https://www.suse.com/security/cve/CVE-2015-0562", }, { category: "external", summary: "SUSE Bug 912369 for CVE-2015-0562", url: "https://bugzilla.suse.com/912369", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12:wireshark-1.10.12-4.1.x86_64", "SUSE Linux Enterprise Server 12:wireshark-1.10.12-4.1.ppc64le", "SUSE Linux Enterprise Server 12:wireshark-1.10.12-4.1.s390x", "SUSE Linux Enterprise Server 12:wireshark-1.10.12-4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.10.12-4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.10.12-4.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.10.12-4.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.10.12-4.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.10.12-4.1.s390x", "SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.10.12-4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2015-01-22T08:55:12Z", details: "moderate", }, ], title: "CVE-2015-0562", }, { cve: "CVE-2015-0563", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-0563", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-smtp.c in the SMTP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 uses an incorrect length value for certain string-append operations, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12:wireshark-1.10.12-4.1.x86_64", "SUSE Linux Enterprise Server 12:wireshark-1.10.12-4.1.ppc64le", "SUSE Linux Enterprise Server 12:wireshark-1.10.12-4.1.s390x", "SUSE Linux Enterprise Server 12:wireshark-1.10.12-4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.10.12-4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.10.12-4.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.10.12-4.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.10.12-4.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.10.12-4.1.s390x", "SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.10.12-4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-0563", url: "https://www.suse.com/security/cve/CVE-2015-0563", }, { category: "external", summary: "SUSE Bug 912370 for CVE-2015-0563", url: "https://bugzilla.suse.com/912370", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12:wireshark-1.10.12-4.1.x86_64", "SUSE Linux Enterprise Server 12:wireshark-1.10.12-4.1.ppc64le", "SUSE Linux Enterprise Server 12:wireshark-1.10.12-4.1.s390x", "SUSE Linux Enterprise Server 12:wireshark-1.10.12-4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.10.12-4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.10.12-4.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.10.12-4.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.10.12-4.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.10.12-4.1.s390x", "SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.10.12-4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2015-01-22T08:55:12Z", details: "moderate", }, ], title: "CVE-2015-0563", }, { cve: "CVE-2015-0564", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-0564", }, ], notes: [ { category: "general", text: "Buffer underflow in the ssl_decrypt_record function in epan/dissectors/packet-ssl-utils.c in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 allows remote attackers to cause a denial of service (application crash) via a crafted packet that is improperly handled during decryption of an SSL session.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Desktop 12:wireshark-1.10.12-4.1.x86_64", "SUSE Linux Enterprise Server 12:wireshark-1.10.12-4.1.ppc64le", "SUSE Linux Enterprise Server 12:wireshark-1.10.12-4.1.s390x", "SUSE Linux Enterprise Server 12:wireshark-1.10.12-4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.10.12-4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.10.12-4.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.10.12-4.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.10.12-4.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.10.12-4.1.s390x", "SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.10.12-4.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-0564", url: "https://www.suse.com/security/cve/CVE-2015-0564", }, { category: "external", summary: "SUSE Bug 912372 for CVE-2015-0564", url: "https://bugzilla.suse.com/912372", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Desktop 12:wireshark-1.10.12-4.1.x86_64", "SUSE Linux Enterprise Server 12:wireshark-1.10.12-4.1.ppc64le", "SUSE Linux Enterprise Server 12:wireshark-1.10.12-4.1.s390x", "SUSE Linux Enterprise Server 12:wireshark-1.10.12-4.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.10.12-4.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.10.12-4.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12:wireshark-1.10.12-4.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.10.12-4.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.10.12-4.1.s390x", "SUSE Linux Enterprise Software Development Kit 12:wireshark-devel-1.10.12-4.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2015-01-22T08:55:12Z", details: "moderate", }, ], title: "CVE-2015-0564", }, ], }
fkie_cve-2015-0561
Vulnerability from fkie_nvd
Published
2015-01-10 02:59
Modified
2025-04-12 10:46
Severity ?
Summary
asn1/lpp/lpp.cnf in the LPP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 does not validate a certain index value, which allows remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted packet.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| wireshark | wireshark | 1.10.0 | |
| wireshark | wireshark | 1.10.1 | |
| wireshark | wireshark | 1.10.2 | |
| wireshark | wireshark | 1.10.3 | |
| wireshark | wireshark | 1.10.4 | |
| wireshark | wireshark | 1.10.5 | |
| wireshark | wireshark | 1.10.6 | |
| wireshark | wireshark | 1.10.7 | |
| wireshark | wireshark | 1.10.8 | |
| wireshark | wireshark | 1.10.9 | |
| wireshark | wireshark | 1.10.10 | |
| wireshark | wireshark | 1.10.11 | |
| wireshark | wireshark | 1.12.0 | |
| wireshark | wireshark | 1.12.1 | |
| wireshark | wireshark | 1.12.2 | |
| opensuse | opensuse | 13.1 | |
| opensuse | opensuse | 13.2 | |
| oracle | solaris | 11.2 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:wireshark:wireshark:1.10.0:*:*:*:*:*:*:*", matchCriteriaId: "481435A6-4790-4B3E-8EEA-0394A6AB481A", vulnerable: true, }, { criteria: "cpe:2.3:a:wireshark:wireshark:1.10.1:*:*:*:*:*:*:*", matchCriteriaId: "2B0BB28A-9E61-4073-9BE2-C34AB2BCF1EB", vulnerable: true, }, { criteria: "cpe:2.3:a:wireshark:wireshark:1.10.2:*:*:*:*:*:*:*", matchCriteriaId: "0753BF56-C829-48C3-AA6E-C0A2A1EA1124", vulnerable: true, }, { criteria: "cpe:2.3:a:wireshark:wireshark:1.10.3:*:*:*:*:*:*:*", matchCriteriaId: "EC206A02-8259-4FA0-8B6F-D8C58AB946C9", vulnerable: true, }, { criteria: "cpe:2.3:a:wireshark:wireshark:1.10.4:*:*:*:*:*:*:*", matchCriteriaId: "B973D7E1-523B-4AB9-965F-F8BBD2420CFA", vulnerable: true, }, { criteria: "cpe:2.3:a:wireshark:wireshark:1.10.5:*:*:*:*:*:*:*", matchCriteriaId: "633AE75A-89BB-458D-9609-2C238DAC25C6", vulnerable: true, }, { criteria: "cpe:2.3:a:wireshark:wireshark:1.10.6:*:*:*:*:*:*:*", matchCriteriaId: "20A8D578-A2DD-4D08-81C1-E4437F40D21D", vulnerable: true, }, { criteria: "cpe:2.3:a:wireshark:wireshark:1.10.7:*:*:*:*:*:*:*", matchCriteriaId: "C0BBB2FB-A3D3-4D9F-88CB-F3D74395D364", vulnerable: true, }, { criteria: "cpe:2.3:a:wireshark:wireshark:1.10.8:*:*:*:*:*:*:*", matchCriteriaId: "A67E51FE-2B4A-4475-B829-316EDC24B88B", vulnerable: true, }, { criteria: "cpe:2.3:a:wireshark:wireshark:1.10.9:*:*:*:*:*:*:*", matchCriteriaId: "3060B2B7-48CB-4669-BF65-4750D11CA401", vulnerable: true, }, { criteria: "cpe:2.3:a:wireshark:wireshark:1.10.10:*:*:*:*:*:*:*", matchCriteriaId: "2CA274E6-5CF8-46A1-A38C-2D9E26A8CDE3", vulnerable: true, }, { criteria: "cpe:2.3:a:wireshark:wireshark:1.10.11:*:*:*:*:*:*:*", matchCriteriaId: "55D76E3D-0CF1-4FAB-A243-793969CA83AC", vulnerable: true, }, { criteria: "cpe:2.3:a:wireshark:wireshark:1.12.0:*:*:*:*:*:*:*", matchCriteriaId: "29AC5E99-9C21-4C2E-AE68-A4B887318577", vulnerable: true, }, { criteria: "cpe:2.3:a:wireshark:wireshark:1.12.1:*:*:*:*:*:*:*", matchCriteriaId: "B90C8934-01D8-4027-8A38-0B3230CC5077", vulnerable: true, }, { criteria: "cpe:2.3:a:wireshark:wireshark:1.12.2:*:*:*:*:*:*:*", matchCriteriaId: "49C89A62-69E2-40C5-9C75-FA6601A935A2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", matchCriteriaId: "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:oracle:solaris:11.2:*:*:*:*:*:*:*", matchCriteriaId: "0B1C288F-326B-497B-B26C-D26E01262DDB", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "asn1/lpp/lpp.cnf in the LPP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 does not validate a certain index value, which allows remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted packet.", }, { lang: "es", value: "asn1/lpp/lpp.cnf en el disector LPP en Wireshark 1.10.x anterior a 1.10.12 y 1.12.x anterior a 1.12.3 no valida cierto valor de indice, lo que permite a atacantes remotos causar una denegación de servicio (acceso a memoria fuera de rango y caída de la aplicación) a través de un paquete manipulado.", }, ], id: "CVE-2015-0561", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-01-10T02:59:39.913", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2015-01/msg00053.html", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/62612", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://www.wireshark.org/security/wnpa-sec-2015-02.html", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10773", }, { source: "cve@mitre.org", url: "https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=8e96830156bea314207b97315ccebd605317f142", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2015-01/msg00053.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/62612", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.wireshark.org/security/wnpa-sec-2015-02.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10773", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=8e96830156bea314207b97315ccebd605317f142", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
ghsa-fgm2-v896-xm59
Vulnerability from github
Published
2022-05-14 02:06
Modified
2025-04-12 12:43
Details
asn1/lpp/lpp.cnf in the LPP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 does not validate a certain index value, which allows remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted packet.
{ affected: [], aliases: [ "CVE-2015-0561", ], database_specific: { cwe_ids: [ "CWE-20", ], github_reviewed: false, github_reviewed_at: null, nvd_published_at: "2015-01-10T02:59:00Z", severity: "MODERATE", }, details: "asn1/lpp/lpp.cnf in the LPP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 does not validate a certain index value, which allows remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted packet.", id: "GHSA-fgm2-v896-xm59", modified: "2025-04-12T12:43:55Z", published: "2022-05-14T02:06:22Z", references: [ { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2015-0561", }, { type: "WEB", url: "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10773", }, { type: "WEB", url: "https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=8e96830156bea314207b97315ccebd605317f142", }, { type: "WEB", url: "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=8e96830156bea314207b97315ccebd605317f142", }, { type: "WEB", url: "http://lists.opensuse.org/opensuse-updates/2015-01/msg00053.html", }, { type: "WEB", url: "http://secunia.com/advisories/62612", }, { type: "WEB", url: "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html", }, { type: "WEB", url: "http://www.wireshark.org/security/wnpa-sec-2015-02.html", }, ], schema_version: "1.4.0", severity: [], }
gsd-2015-0561
Vulnerability from gsd
Modified
2023-12-13 01:19
Details
asn1/lpp/lpp.cnf in the LPP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 does not validate a certain index value, which allows remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted packet.
Aliases
Aliases
{ GSD: { alias: "CVE-2015-0561", description: "asn1/lpp/lpp.cnf in the LPP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 does not validate a certain index value, which allows remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted packet.", id: "GSD-2015-0561", references: [ "https://www.suse.com/security/cve/CVE-2015-0561.html", ], }, gsd: { metadata: { exploitCode: "unknown", remediation: "unknown", reportConfidence: "confirmed", type: "vulnerability", }, osvSchema: { aliases: [ "CVE-2015-0561", ], details: "asn1/lpp/lpp.cnf in the LPP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 does not validate a certain index value, which allows remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted packet.", id: "GSD-2015-0561", modified: "2023-12-13T01:19:58.181744Z", schema_version: "1.4.0", }, }, namespaces: { "cve.org": { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2015-0561", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "asn1/lpp/lpp.cnf in the LPP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 does not validate a certain index value, which allows remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted packet.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10773", refsource: "CONFIRM", url: "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10773", }, { name: "http://www.wireshark.org/security/wnpa-sec-2015-02.html", refsource: "CONFIRM", url: "http://www.wireshark.org/security/wnpa-sec-2015-02.html", }, { name: "62612", refsource: "SECUNIA", url: "http://secunia.com/advisories/62612", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html", }, { name: "openSUSE-SU-2015:0113", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2015-01/msg00053.html", }, { name: "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=8e96830156bea314207b97315ccebd605317f142", refsource: "CONFIRM", url: "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=8e96830156bea314207b97315ccebd605317f142", }, ], }, }, "nvd.nist.gov": { configurations: { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:wireshark:wireshark:1.12.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:wireshark:wireshark:1.12.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:wireshark:wireshark:1.10.9:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:wireshark:wireshark:1.10.11:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:wireshark:wireshark:1.10.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:wireshark:wireshark:1.10.3:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:wireshark:wireshark:1.10.4:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:wireshark:wireshark:1.12.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:wireshark:wireshark:1.10.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:wireshark:wireshark:1.10.6:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:wireshark:wireshark:1.10.8:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:wireshark:wireshark:1.10.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:wireshark:wireshark:1.10.10:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:wireshark:wireshark:1.10.5:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:wireshark:wireshark:1.10.7:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:oracle:solaris:11.2:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, ], }, cve: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2015-0561", }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "en", value: "asn1/lpp/lpp.cnf in the LPP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 does not validate a certain index value, which allows remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted packet.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "en", value: "CWE-20", }, ], }, ], }, references: { reference_data: [ { name: "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=8e96830156bea314207b97315ccebd605317f142", refsource: "CONFIRM", tags: [], url: "https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=8e96830156bea314207b97315ccebd605317f142", }, { name: "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10773", refsource: "CONFIRM", tags: [ "Issue Tracking", ], url: "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10773", }, { name: "http://www.wireshark.org/security/wnpa-sec-2015-02.html", refsource: "CONFIRM", tags: [ "Vendor Advisory", ], url: "http://www.wireshark.org/security/wnpa-sec-2015-02.html", }, { name: "62612", refsource: "SECUNIA", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/62612", }, { name: "openSUSE-SU-2015:0113", refsource: "SUSE", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2015-01/msg00053.html", }, { name: "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html", refsource: "CONFIRM", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html", }, ], }, }, impact: { baseMetricV2: { cvssV2: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", userInteractionRequired: false, }, }, lastModifiedDate: "2018-10-30T16:27Z", publishedDate: "2015-01-10T02:59Z", }, }, }
opensuse-su-2024:10199-1
Vulnerability from csaf_opensuse
Published
2024-06-15 00:00
Modified
2024-06-15 00:00
Summary
wireshark-2.2.2-1.1 on GA media
Notes
Title of the patch
wireshark-2.2.2-1.1 on GA media
Description of the patch
These are all security issues fixed in the wireshark-2.2.2-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-10199
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "moderate", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "wireshark-2.2.2-1.1 on GA media", title: "Title of the patch", }, { category: "description", text: "These are all security issues fixed in the wireshark-2.2.2-1.1 package on the GA media of openSUSE Tumbleweed.", title: "Description of the patch", }, { category: "details", text: "openSUSE-Tumbleweed-2024-10199", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_10199-1.json", }, { category: "self", summary: "SUSE CVE CVE-2009-1210 page", url: "https://www.suse.com/security/cve/CVE-2009-1210/", }, { category: "self", summary: "SUSE CVE CVE-2009-1267 page", url: "https://www.suse.com/security/cve/CVE-2009-1267/", }, { category: "self", summary: "SUSE CVE CVE-2009-1268 page", url: "https://www.suse.com/security/cve/CVE-2009-1268/", }, { category: "self", summary: "SUSE CVE CVE-2009-1269 page", url: "https://www.suse.com/security/cve/CVE-2009-1269/", }, { category: "self", summary: "SUSE CVE CVE-2009-3241 page", url: "https://www.suse.com/security/cve/CVE-2009-3241/", }, { category: "self", summary: "SUSE CVE CVE-2009-3242 page", url: "https://www.suse.com/security/cve/CVE-2009-3242/", }, { category: "self", summary: "SUSE CVE CVE-2009-3243 page", url: "https://www.suse.com/security/cve/CVE-2009-3243/", }, { category: "self", summary: "SUSE CVE CVE-2010-1455 page", url: "https://www.suse.com/security/cve/CVE-2010-1455/", }, { category: "self", summary: "SUSE CVE CVE-2010-2993 page", url: "https://www.suse.com/security/cve/CVE-2010-2993/", }, { category: "self", summary: "SUSE CVE CVE-2010-3445 page", url: "https://www.suse.com/security/cve/CVE-2010-3445/", }, { category: "self", summary: "SUSE CVE CVE-2010-4300 page", url: "https://www.suse.com/security/cve/CVE-2010-4300/", }, { category: "self", summary: "SUSE CVE CVE-2010-4301 page", url: "https://www.suse.com/security/cve/CVE-2010-4301/", }, { category: "self", summary: "SUSE CVE CVE-2010-4538 page", url: "https://www.suse.com/security/cve/CVE-2010-4538/", }, { category: "self", summary: "SUSE CVE CVE-2011-0024 page", url: "https://www.suse.com/security/cve/CVE-2011-0024/", }, { category: "self", summary: "SUSE CVE CVE-2011-0538 page", url: "https://www.suse.com/security/cve/CVE-2011-0538/", }, { category: "self", summary: "SUSE CVE CVE-2011-0713 page", url: "https://www.suse.com/security/cve/CVE-2011-0713/", }, { category: "self", summary: "SUSE CVE CVE-2011-1138 page", url: "https://www.suse.com/security/cve/CVE-2011-1138/", }, { category: "self", summary: "SUSE CVE CVE-2011-1139 page", url: "https://www.suse.com/security/cve/CVE-2011-1139/", }, { category: "self", summary: "SUSE CVE CVE-2011-1140 page", url: "https://www.suse.com/security/cve/CVE-2011-1140/", }, { category: "self", summary: "SUSE CVE CVE-2011-1143 page", url: "https://www.suse.com/security/cve/CVE-2011-1143/", }, { category: "self", summary: "SUSE CVE CVE-2011-1590 page", url: "https://www.suse.com/security/cve/CVE-2011-1590/", }, { category: "self", summary: "SUSE CVE CVE-2011-1591 page", url: "https://www.suse.com/security/cve/CVE-2011-1591/", }, { category: "self", summary: "SUSE CVE CVE-2011-1592 page", url: "https://www.suse.com/security/cve/CVE-2011-1592/", }, { category: "self", summary: "SUSE CVE CVE-2011-1957 page", url: "https://www.suse.com/security/cve/CVE-2011-1957/", }, { category: "self", summary: "SUSE CVE CVE-2011-1958 page", url: "https://www.suse.com/security/cve/CVE-2011-1958/", }, { category: "self", summary: "SUSE CVE CVE-2011-1959 page", url: "https://www.suse.com/security/cve/CVE-2011-1959/", }, { category: "self", summary: "SUSE CVE CVE-2011-2174 page", url: "https://www.suse.com/security/cve/CVE-2011-2174/", }, { category: "self", summary: "SUSE CVE CVE-2011-2175 page", url: "https://www.suse.com/security/cve/CVE-2011-2175/", }, { category: "self", summary: "SUSE CVE CVE-2011-2597 page", url: "https://www.suse.com/security/cve/CVE-2011-2597/", }, { category: "self", summary: "SUSE CVE CVE-2011-2698 page", url: "https://www.suse.com/security/cve/CVE-2011-2698/", }, { category: "self", summary: "SUSE CVE CVE-2011-3266 page", url: "https://www.suse.com/security/cve/CVE-2011-3266/", }, { category: "self", summary: "SUSE CVE CVE-2011-3360 page", url: "https://www.suse.com/security/cve/CVE-2011-3360/", }, { category: "self", summary: "SUSE CVE CVE-2011-3483 page", url: "https://www.suse.com/security/cve/CVE-2011-3483/", }, { category: "self", summary: "SUSE CVE CVE-2012-2392 page", url: "https://www.suse.com/security/cve/CVE-2012-2392/", }, { category: "self", summary: "SUSE CVE CVE-2012-2393 page", url: "https://www.suse.com/security/cve/CVE-2012-2393/", }, { category: "self", summary: "SUSE CVE CVE-2012-2394 page", url: "https://www.suse.com/security/cve/CVE-2012-2394/", }, { category: "self", summary: "SUSE CVE CVE-2012-3548 page", url: "https://www.suse.com/security/cve/CVE-2012-3548/", }, { category: "self", summary: "SUSE CVE CVE-2012-4048 page", url: "https://www.suse.com/security/cve/CVE-2012-4048/", }, { category: "self", summary: "SUSE CVE CVE-2012-4049 page", url: "https://www.suse.com/security/cve/CVE-2012-4049/", }, { category: "self", summary: "SUSE CVE CVE-2012-4285 page", url: "https://www.suse.com/security/cve/CVE-2012-4285/", }, { category: "self", summary: "SUSE CVE CVE-2012-4286 page", url: "https://www.suse.com/security/cve/CVE-2012-4286/", }, { category: "self", summary: "SUSE CVE CVE-2012-4287 page", url: "https://www.suse.com/security/cve/CVE-2012-4287/", }, { category: "self", summary: "SUSE CVE CVE-2012-4288 page", url: "https://www.suse.com/security/cve/CVE-2012-4288/", }, { category: "self", summary: "SUSE CVE CVE-2012-4289 page", url: "https://www.suse.com/security/cve/CVE-2012-4289/", }, { category: "self", summary: "SUSE CVE CVE-2012-4290 page", url: "https://www.suse.com/security/cve/CVE-2012-4290/", }, { category: "self", summary: "SUSE CVE CVE-2012-4291 page", url: "https://www.suse.com/security/cve/CVE-2012-4291/", }, { category: "self", summary: "SUSE CVE CVE-2012-4292 page", url: "https://www.suse.com/security/cve/CVE-2012-4292/", }, { category: "self", summary: "SUSE CVE CVE-2012-4293 page", url: "https://www.suse.com/security/cve/CVE-2012-4293/", }, { category: "self", summary: "SUSE CVE CVE-2012-4294 page", url: "https://www.suse.com/security/cve/CVE-2012-4294/", }, { category: "self", summary: "SUSE CVE CVE-2012-4295 page", url: "https://www.suse.com/security/cve/CVE-2012-4295/", }, { category: "self", summary: "SUSE CVE CVE-2012-4296 page", url: "https://www.suse.com/security/cve/CVE-2012-4296/", }, { category: "self", summary: "SUSE CVE CVE-2012-4297 page", url: "https://www.suse.com/security/cve/CVE-2012-4297/", }, { category: "self", summary: "SUSE CVE CVE-2012-4298 page", url: "https://www.suse.com/security/cve/CVE-2012-4298/", }, { category: "self", summary: "SUSE CVE CVE-2012-5237 page", url: "https://www.suse.com/security/cve/CVE-2012-5237/", }, { category: "self", summary: "SUSE CVE CVE-2012-5238 page", url: "https://www.suse.com/security/cve/CVE-2012-5238/", }, { category: "self", summary: "SUSE CVE CVE-2012-5239 page", url: "https://www.suse.com/security/cve/CVE-2012-5239/", }, { category: "self", summary: "SUSE CVE CVE-2012-5240 page", url: "https://www.suse.com/security/cve/CVE-2012-5240/", }, { category: "self", summary: "SUSE CVE CVE-2012-5592 page", url: "https://www.suse.com/security/cve/CVE-2012-5592/", }, { category: "self", summary: "SUSE CVE CVE-2012-5593 page", url: "https://www.suse.com/security/cve/CVE-2012-5593/", }, { category: "self", summary: "SUSE CVE CVE-2012-5594 page", url: "https://www.suse.com/security/cve/CVE-2012-5594/", }, { category: "self", summary: "SUSE CVE CVE-2012-5595 page", url: "https://www.suse.com/security/cve/CVE-2012-5595/", }, { category: "self", summary: "SUSE CVE CVE-2012-5596 page", url: "https://www.suse.com/security/cve/CVE-2012-5596/", }, { category: "self", summary: "SUSE CVE CVE-2012-5597 page", url: "https://www.suse.com/security/cve/CVE-2012-5597/", }, { category: "self", summary: "SUSE CVE CVE-2012-5598 page", url: "https://www.suse.com/security/cve/CVE-2012-5598/", }, { category: "self", summary: "SUSE CVE CVE-2012-5599 page", url: "https://www.suse.com/security/cve/CVE-2012-5599/", }, { category: "self", summary: "SUSE CVE CVE-2012-5600 page", url: "https://www.suse.com/security/cve/CVE-2012-5600/", }, { category: "self", summary: "SUSE CVE CVE-2012-5601 page", url: "https://www.suse.com/security/cve/CVE-2012-5601/", }, { category: "self", summary: "SUSE CVE CVE-2012-5602 page", url: "https://www.suse.com/security/cve/CVE-2012-5602/", }, { category: "self", summary: "SUSE CVE CVE-2013-1572 page", url: "https://www.suse.com/security/cve/CVE-2013-1572/", }, { category: "self", summary: "SUSE CVE CVE-2013-1573 page", url: "https://www.suse.com/security/cve/CVE-2013-1573/", }, { category: "self", summary: "SUSE CVE CVE-2013-1574 page", url: "https://www.suse.com/security/cve/CVE-2013-1574/", }, { category: "self", summary: "SUSE CVE CVE-2013-1575 page", url: "https://www.suse.com/security/cve/CVE-2013-1575/", }, { category: "self", summary: "SUSE CVE CVE-2013-1576 page", url: "https://www.suse.com/security/cve/CVE-2013-1576/", }, { category: "self", summary: "SUSE CVE CVE-2013-1577 page", url: "https://www.suse.com/security/cve/CVE-2013-1577/", }, { category: "self", summary: "SUSE CVE CVE-2013-1578 page", url: "https://www.suse.com/security/cve/CVE-2013-1578/", }, { category: "self", summary: "SUSE CVE CVE-2013-1579 page", url: "https://www.suse.com/security/cve/CVE-2013-1579/", }, { category: "self", summary: "SUSE CVE CVE-2013-1580 page", url: "https://www.suse.com/security/cve/CVE-2013-1580/", }, { category: "self", summary: "SUSE CVE CVE-2013-1581 page", url: "https://www.suse.com/security/cve/CVE-2013-1581/", }, { category: "self", summary: "SUSE CVE CVE-2013-1582 page", url: "https://www.suse.com/security/cve/CVE-2013-1582/", }, { category: "self", summary: "SUSE CVE CVE-2013-1583 page", url: "https://www.suse.com/security/cve/CVE-2013-1583/", }, { category: "self", summary: "SUSE CVE CVE-2013-1584 page", url: "https://www.suse.com/security/cve/CVE-2013-1584/", }, { category: "self", summary: "SUSE CVE CVE-2013-1585 page", url: "https://www.suse.com/security/cve/CVE-2013-1585/", }, { category: "self", summary: "SUSE CVE CVE-2013-1586 page", url: "https://www.suse.com/security/cve/CVE-2013-1586/", }, { category: "self", summary: "SUSE CVE CVE-2013-1587 page", url: "https://www.suse.com/security/cve/CVE-2013-1587/", }, { category: "self", summary: "SUSE CVE CVE-2013-1588 page", url: "https://www.suse.com/security/cve/CVE-2013-1588/", }, { category: "self", summary: "SUSE CVE CVE-2013-1589 page", url: "https://www.suse.com/security/cve/CVE-2013-1589/", }, { category: "self", summary: "SUSE CVE CVE-2013-1590 page", url: "https://www.suse.com/security/cve/CVE-2013-1590/", }, { category: "self", summary: "SUSE CVE CVE-2013-2475 page", url: "https://www.suse.com/security/cve/CVE-2013-2475/", }, { category: "self", summary: "SUSE CVE CVE-2013-2476 page", url: "https://www.suse.com/security/cve/CVE-2013-2476/", }, { category: "self", summary: "SUSE CVE CVE-2013-2477 page", url: "https://www.suse.com/security/cve/CVE-2013-2477/", }, { category: "self", summary: "SUSE CVE CVE-2013-2478 page", url: "https://www.suse.com/security/cve/CVE-2013-2478/", }, { category: "self", summary: "SUSE CVE CVE-2013-2479 page", url: "https://www.suse.com/security/cve/CVE-2013-2479/", }, { category: "self", summary: "SUSE CVE CVE-2013-2480 page", url: "https://www.suse.com/security/cve/CVE-2013-2480/", }, { category: "self", summary: "SUSE CVE CVE-2013-2481 page", url: "https://www.suse.com/security/cve/CVE-2013-2481/", }, { category: "self", summary: "SUSE CVE CVE-2013-2482 page", url: "https://www.suse.com/security/cve/CVE-2013-2482/", }, { category: "self", summary: "SUSE CVE CVE-2013-2483 page", url: "https://www.suse.com/security/cve/CVE-2013-2483/", }, { category: "self", summary: "SUSE CVE CVE-2013-2484 page", url: "https://www.suse.com/security/cve/CVE-2013-2484/", }, { category: "self", summary: "SUSE CVE CVE-2013-2485 page", url: "https://www.suse.com/security/cve/CVE-2013-2485/", }, { category: "self", summary: "SUSE CVE CVE-2013-2486 page", url: "https://www.suse.com/security/cve/CVE-2013-2486/", }, { category: "self", summary: "SUSE CVE CVE-2013-2487 page", url: "https://www.suse.com/security/cve/CVE-2013-2487/", }, { category: "self", summary: "SUSE CVE CVE-2013-2488 page", url: "https://www.suse.com/security/cve/CVE-2013-2488/", }, { category: "self", summary: "SUSE CVE CVE-2013-3555 page", url: "https://www.suse.com/security/cve/CVE-2013-3555/", }, { category: "self", summary: "SUSE CVE CVE-2013-3556 page", url: "https://www.suse.com/security/cve/CVE-2013-3556/", }, { category: "self", summary: "SUSE CVE CVE-2013-3557 page", url: "https://www.suse.com/security/cve/CVE-2013-3557/", }, { category: "self", summary: "SUSE CVE CVE-2013-3558 page", url: "https://www.suse.com/security/cve/CVE-2013-3558/", }, { category: "self", summary: "SUSE CVE CVE-2013-3559 page", url: "https://www.suse.com/security/cve/CVE-2013-3559/", }, { category: "self", summary: "SUSE CVE CVE-2013-3560 page", url: "https://www.suse.com/security/cve/CVE-2013-3560/", }, { category: "self", summary: "SUSE CVE CVE-2013-3561 page", url: "https://www.suse.com/security/cve/CVE-2013-3561/", }, { category: "self", summary: "SUSE CVE CVE-2013-3562 page", url: "https://www.suse.com/security/cve/CVE-2013-3562/", }, { category: "self", summary: "SUSE CVE CVE-2013-4083 page", url: "https://www.suse.com/security/cve/CVE-2013-4083/", }, { category: "self", summary: "SUSE CVE CVE-2013-4920 page", url: "https://www.suse.com/security/cve/CVE-2013-4920/", }, { category: "self", summary: "SUSE CVE CVE-2013-4921 page", url: "https://www.suse.com/security/cve/CVE-2013-4921/", }, { category: "self", summary: "SUSE CVE CVE-2013-4922 page", url: "https://www.suse.com/security/cve/CVE-2013-4922/", }, { category: "self", summary: "SUSE CVE CVE-2013-4923 page", url: "https://www.suse.com/security/cve/CVE-2013-4923/", }, { category: "self", summary: "SUSE CVE CVE-2013-4924 page", url: "https://www.suse.com/security/cve/CVE-2013-4924/", }, { category: "self", summary: "SUSE CVE CVE-2013-4925 page", url: "https://www.suse.com/security/cve/CVE-2013-4925/", }, { category: "self", summary: "SUSE CVE CVE-2013-4926 page", url: "https://www.suse.com/security/cve/CVE-2013-4926/", }, { category: "self", summary: "SUSE CVE CVE-2013-4927 page", url: "https://www.suse.com/security/cve/CVE-2013-4927/", }, { category: "self", summary: "SUSE CVE CVE-2013-4928 page", url: "https://www.suse.com/security/cve/CVE-2013-4928/", }, { category: "self", summary: "SUSE CVE CVE-2013-4929 page", url: "https://www.suse.com/security/cve/CVE-2013-4929/", }, { category: "self", summary: "SUSE CVE CVE-2013-4930 page", url: "https://www.suse.com/security/cve/CVE-2013-4930/", }, { category: "self", summary: "SUSE CVE CVE-2013-4931 page", url: "https://www.suse.com/security/cve/CVE-2013-4931/", }, { category: "self", summary: "SUSE CVE CVE-2013-4932 page", url: "https://www.suse.com/security/cve/CVE-2013-4932/", }, { category: "self", summary: "SUSE CVE CVE-2013-4933 page", url: "https://www.suse.com/security/cve/CVE-2013-4933/", }, { category: "self", summary: "SUSE CVE CVE-2013-4934 page", url: "https://www.suse.com/security/cve/CVE-2013-4934/", }, { category: "self", summary: "SUSE CVE CVE-2013-4935 page", url: "https://www.suse.com/security/cve/CVE-2013-4935/", }, { category: "self", summary: "SUSE CVE CVE-2013-4936 page", url: "https://www.suse.com/security/cve/CVE-2013-4936/", }, { category: "self", summary: "SUSE CVE CVE-2013-5717 page", url: "https://www.suse.com/security/cve/CVE-2013-5717/", }, { category: "self", summary: "SUSE CVE CVE-2013-5718 page", url: "https://www.suse.com/security/cve/CVE-2013-5718/", }, { category: "self", summary: "SUSE CVE CVE-2013-5719 page", url: "https://www.suse.com/security/cve/CVE-2013-5719/", }, { category: "self", summary: "SUSE CVE CVE-2013-5720 page", url: "https://www.suse.com/security/cve/CVE-2013-5720/", }, { category: "self", summary: "SUSE CVE CVE-2013-5721 page", url: "https://www.suse.com/security/cve/CVE-2013-5721/", }, { category: "self", summary: "SUSE CVE CVE-2013-5722 page", url: "https://www.suse.com/security/cve/CVE-2013-5722/", }, { category: "self", summary: "SUSE CVE CVE-2013-6336 page", url: "https://www.suse.com/security/cve/CVE-2013-6336/", }, { category: "self", summary: "SUSE CVE CVE-2013-6337 page", url: "https://www.suse.com/security/cve/CVE-2013-6337/", }, { category: "self", summary: "SUSE CVE CVE-2013-6338 page", url: "https://www.suse.com/security/cve/CVE-2013-6338/", }, { category: "self", summary: "SUSE CVE CVE-2013-6339 page", url: "https://www.suse.com/security/cve/CVE-2013-6339/", }, { category: "self", summary: "SUSE CVE CVE-2013-6340 page", url: "https://www.suse.com/security/cve/CVE-2013-6340/", }, { category: "self", summary: "SUSE CVE CVE-2013-7112 page", url: "https://www.suse.com/security/cve/CVE-2013-7112/", }, { category: "self", summary: "SUSE CVE CVE-2013-7113 page", url: "https://www.suse.com/security/cve/CVE-2013-7113/", }, { category: "self", summary: "SUSE CVE CVE-2013-7114 page", url: "https://www.suse.com/security/cve/CVE-2013-7114/", }, { category: "self", summary: "SUSE CVE CVE-2014-2281 page", url: "https://www.suse.com/security/cve/CVE-2014-2281/", }, { category: "self", summary: "SUSE CVE CVE-2014-2282 page", url: "https://www.suse.com/security/cve/CVE-2014-2282/", }, { category: "self", summary: "SUSE CVE CVE-2014-2283 page", url: "https://www.suse.com/security/cve/CVE-2014-2283/", }, { category: "self", summary: "SUSE CVE CVE-2014-2299 page", url: "https://www.suse.com/security/cve/CVE-2014-2299/", }, { category: "self", summary: "SUSE CVE CVE-2014-2907 page", url: "https://www.suse.com/security/cve/CVE-2014-2907/", }, { category: "self", summary: "SUSE CVE CVE-2014-4020 page", url: "https://www.suse.com/security/cve/CVE-2014-4020/", }, { category: "self", summary: "SUSE CVE CVE-2014-5161 page", url: "https://www.suse.com/security/cve/CVE-2014-5161/", }, { category: "self", summary: "SUSE CVE CVE-2014-5162 page", url: "https://www.suse.com/security/cve/CVE-2014-5162/", }, { category: "self", summary: "SUSE CVE CVE-2014-5163 page", url: "https://www.suse.com/security/cve/CVE-2014-5163/", }, { category: "self", summary: "SUSE CVE CVE-2014-5164 page", url: "https://www.suse.com/security/cve/CVE-2014-5164/", }, { category: "self", summary: "SUSE CVE CVE-2014-5165 page", url: "https://www.suse.com/security/cve/CVE-2014-5165/", }, { category: "self", summary: "SUSE CVE CVE-2014-6423 page", url: "https://www.suse.com/security/cve/CVE-2014-6423/", }, { category: "self", summary: "SUSE CVE CVE-2014-6424 page", url: "https://www.suse.com/security/cve/CVE-2014-6424/", }, { category: "self", summary: "SUSE CVE CVE-2014-6425 page", url: "https://www.suse.com/security/cve/CVE-2014-6425/", }, { category: "self", summary: "SUSE CVE CVE-2014-6426 page", url: "https://www.suse.com/security/cve/CVE-2014-6426/", }, { category: "self", summary: "SUSE CVE CVE-2014-6427 page", url: "https://www.suse.com/security/cve/CVE-2014-6427/", }, { category: "self", summary: "SUSE CVE CVE-2014-6428 page", url: "https://www.suse.com/security/cve/CVE-2014-6428/", }, { category: "self", summary: "SUSE CVE CVE-2014-6429 page", url: "https://www.suse.com/security/cve/CVE-2014-6429/", }, { category: "self", summary: "SUSE CVE CVE-2014-6430 page", url: "https://www.suse.com/security/cve/CVE-2014-6430/", }, { category: "self", summary: "SUSE CVE CVE-2014-6431 page", url: "https://www.suse.com/security/cve/CVE-2014-6431/", }, { category: "self", summary: "SUSE CVE CVE-2014-6432 page", url: "https://www.suse.com/security/cve/CVE-2014-6432/", }, { category: "self", summary: "SUSE CVE CVE-2014-8710 page", url: "https://www.suse.com/security/cve/CVE-2014-8710/", }, { category: "self", summary: "SUSE CVE CVE-2014-8711 page", url: "https://www.suse.com/security/cve/CVE-2014-8711/", }, { category: "self", summary: "SUSE CVE CVE-2014-8712 page", url: "https://www.suse.com/security/cve/CVE-2014-8712/", }, { category: "self", summary: "SUSE CVE CVE-2014-8713 page", url: "https://www.suse.com/security/cve/CVE-2014-8713/", }, { category: "self", summary: "SUSE CVE CVE-2014-8714 page", url: "https://www.suse.com/security/cve/CVE-2014-8714/", }, { category: "self", summary: "SUSE CVE CVE-2015-0559 page", url: "https://www.suse.com/security/cve/CVE-2015-0559/", }, { category: "self", summary: "SUSE CVE CVE-2015-0560 page", url: "https://www.suse.com/security/cve/CVE-2015-0560/", }, { category: "self", summary: "SUSE CVE CVE-2015-0561 page", url: "https://www.suse.com/security/cve/CVE-2015-0561/", }, { category: "self", summary: "SUSE CVE CVE-2015-0562 page", url: "https://www.suse.com/security/cve/CVE-2015-0562/", }, { category: "self", summary: "SUSE CVE CVE-2015-0563 page", url: "https://www.suse.com/security/cve/CVE-2015-0563/", }, { category: "self", summary: "SUSE CVE CVE-2015-0564 page", url: "https://www.suse.com/security/cve/CVE-2015-0564/", }, { category: "self", summary: "SUSE CVE CVE-2015-2187 page", url: "https://www.suse.com/security/cve/CVE-2015-2187/", }, { category: "self", summary: "SUSE CVE CVE-2015-2188 page", url: "https://www.suse.com/security/cve/CVE-2015-2188/", }, { category: "self", summary: "SUSE CVE CVE-2015-2189 page", url: "https://www.suse.com/security/cve/CVE-2015-2189/", }, { category: "self", summary: "SUSE CVE CVE-2015-2190 page", url: "https://www.suse.com/security/cve/CVE-2015-2190/", }, { category: "self", summary: "SUSE CVE CVE-2015-2191 page", url: "https://www.suse.com/security/cve/CVE-2015-2191/", }, { category: "self", summary: "SUSE CVE CVE-2015-2192 page", url: "https://www.suse.com/security/cve/CVE-2015-2192/", }, { category: "self", summary: "SUSE CVE CVE-2015-3808 page", url: "https://www.suse.com/security/cve/CVE-2015-3808/", }, { category: "self", summary: "SUSE CVE CVE-2015-3809 page", url: "https://www.suse.com/security/cve/CVE-2015-3809/", }, { category: "self", summary: "SUSE CVE CVE-2015-3810 page", url: "https://www.suse.com/security/cve/CVE-2015-3810/", }, { category: "self", summary: "SUSE CVE CVE-2015-3811 page", url: "https://www.suse.com/security/cve/CVE-2015-3811/", }, { category: "self", summary: "SUSE CVE CVE-2015-3812 page", url: "https://www.suse.com/security/cve/CVE-2015-3812/", }, { category: "self", summary: "SUSE CVE CVE-2015-3813 page", url: "https://www.suse.com/security/cve/CVE-2015-3813/", }, { category: "self", summary: "SUSE CVE CVE-2015-3814 page", url: "https://www.suse.com/security/cve/CVE-2015-3814/", }, { category: "self", summary: "SUSE CVE CVE-2015-3815 page", url: "https://www.suse.com/security/cve/CVE-2015-3815/", }, { category: "self", summary: "SUSE CVE CVE-2015-4651 page", url: "https://www.suse.com/security/cve/CVE-2015-4651/", }, { category: "self", summary: "SUSE CVE CVE-2015-4652 page", url: "https://www.suse.com/security/cve/CVE-2015-4652/", }, { category: "self", summary: "SUSE CVE CVE-2015-6241 page", url: "https://www.suse.com/security/cve/CVE-2015-6241/", }, { category: "self", summary: "SUSE CVE CVE-2015-6242 page", url: "https://www.suse.com/security/cve/CVE-2015-6242/", }, { category: "self", summary: "SUSE CVE CVE-2015-6243 page", url: "https://www.suse.com/security/cve/CVE-2015-6243/", }, { category: "self", summary: "SUSE CVE CVE-2015-6244 page", url: "https://www.suse.com/security/cve/CVE-2015-6244/", }, { category: "self", summary: "SUSE CVE CVE-2015-6245 page", url: "https://www.suse.com/security/cve/CVE-2015-6245/", }, { category: "self", summary: "SUSE CVE CVE-2015-6246 page", url: "https://www.suse.com/security/cve/CVE-2015-6246/", }, { category: "self", summary: "SUSE CVE CVE-2015-6247 page", url: "https://www.suse.com/security/cve/CVE-2015-6247/", }, { category: "self", summary: "SUSE CVE CVE-2015-6248 page", url: "https://www.suse.com/security/cve/CVE-2015-6248/", }, { category: "self", summary: "SUSE CVE CVE-2015-6249 page", url: "https://www.suse.com/security/cve/CVE-2015-6249/", }, { category: "self", summary: "SUSE CVE CVE-2015-7830 page", url: "https://www.suse.com/security/cve/CVE-2015-7830/", }, { category: "self", summary: "SUSE CVE CVE-2015-8711 page", url: "https://www.suse.com/security/cve/CVE-2015-8711/", }, { category: "self", summary: "SUSE CVE CVE-2015-8718 page", url: "https://www.suse.com/security/cve/CVE-2015-8718/", }, { category: "self", summary: "SUSE CVE CVE-2015-8720 page", url: "https://www.suse.com/security/cve/CVE-2015-8720/", }, { category: "self", summary: "SUSE CVE CVE-2015-8721 page", url: "https://www.suse.com/security/cve/CVE-2015-8721/", }, { category: "self", summary: "SUSE CVE CVE-2015-8722 page", url: "https://www.suse.com/security/cve/CVE-2015-8722/", }, { category: "self", summary: "SUSE CVE CVE-2015-8723 page", url: "https://www.suse.com/security/cve/CVE-2015-8723/", }, { category: "self", summary: "SUSE CVE CVE-2015-8724 page", url: "https://www.suse.com/security/cve/CVE-2015-8724/", }, { category: "self", summary: "SUSE CVE CVE-2015-8725 page", url: "https://www.suse.com/security/cve/CVE-2015-8725/", }, { category: "self", summary: "SUSE CVE CVE-2015-8726 page", url: "https://www.suse.com/security/cve/CVE-2015-8726/", }, { category: "self", summary: "SUSE CVE CVE-2015-8727 page", url: "https://www.suse.com/security/cve/CVE-2015-8727/", }, { category: "self", summary: "SUSE CVE CVE-2015-8728 page", url: "https://www.suse.com/security/cve/CVE-2015-8728/", }, { category: "self", summary: "SUSE CVE CVE-2015-8729 page", url: "https://www.suse.com/security/cve/CVE-2015-8729/", }, { category: "self", summary: "SUSE CVE CVE-2015-8730 page", url: "https://www.suse.com/security/cve/CVE-2015-8730/", }, { category: "self", summary: "SUSE CVE CVE-2015-8731 page", url: "https://www.suse.com/security/cve/CVE-2015-8731/", }, { category: "self", summary: "SUSE CVE CVE-2015-8732 page", url: "https://www.suse.com/security/cve/CVE-2015-8732/", }, { category: "self", summary: "SUSE CVE CVE-2015-8733 page", url: "https://www.suse.com/security/cve/CVE-2015-8733/", }, { category: "self", summary: "SUSE CVE CVE-2015-8734 page", url: "https://www.suse.com/security/cve/CVE-2015-8734/", }, { category: "self", summary: "SUSE CVE CVE-2015-8735 page", url: "https://www.suse.com/security/cve/CVE-2015-8735/", }, { category: "self", summary: "SUSE CVE CVE-2015-8736 page", url: "https://www.suse.com/security/cve/CVE-2015-8736/", }, { category: "self", summary: "SUSE CVE CVE-2015-8737 page", url: "https://www.suse.com/security/cve/CVE-2015-8737/", }, { category: "self", summary: "SUSE CVE CVE-2015-8738 page", url: "https://www.suse.com/security/cve/CVE-2015-8738/", }, { category: "self", summary: "SUSE CVE CVE-2015-8739 page", url: "https://www.suse.com/security/cve/CVE-2015-8739/", }, { category: "self", summary: "SUSE CVE CVE-2015-8740 page", url: "https://www.suse.com/security/cve/CVE-2015-8740/", }, { category: "self", summary: "SUSE CVE CVE-2015-8741 page", url: "https://www.suse.com/security/cve/CVE-2015-8741/", }, { category: "self", summary: "SUSE CVE CVE-2015-8742 page", url: "https://www.suse.com/security/cve/CVE-2015-8742/", }, { category: "self", summary: "SUSE CVE CVE-2016-2522 page", url: "https://www.suse.com/security/cve/CVE-2016-2522/", }, { category: "self", summary: "SUSE CVE CVE-2016-2523 page", url: "https://www.suse.com/security/cve/CVE-2016-2523/", }, { category: "self", summary: "SUSE CVE CVE-2016-2524 page", url: "https://www.suse.com/security/cve/CVE-2016-2524/", }, { category: "self", summary: "SUSE CVE CVE-2016-2525 page", url: "https://www.suse.com/security/cve/CVE-2016-2525/", }, { category: "self", summary: "SUSE CVE CVE-2016-2526 page", url: "https://www.suse.com/security/cve/CVE-2016-2526/", }, { category: "self", summary: "SUSE CVE CVE-2016-2527 page", url: "https://www.suse.com/security/cve/CVE-2016-2527/", }, { category: "self", summary: "SUSE CVE CVE-2016-2528 page", url: "https://www.suse.com/security/cve/CVE-2016-2528/", }, { category: "self", summary: "SUSE CVE CVE-2016-2529 page", url: "https://www.suse.com/security/cve/CVE-2016-2529/", }, { category: "self", summary: "SUSE CVE CVE-2016-2530 page", url: "https://www.suse.com/security/cve/CVE-2016-2530/", }, { category: "self", summary: "SUSE CVE CVE-2016-2531 page", url: "https://www.suse.com/security/cve/CVE-2016-2531/", }, { category: "self", summary: "SUSE CVE CVE-2016-2532 page", url: "https://www.suse.com/security/cve/CVE-2016-2532/", }, { category: "self", summary: "SUSE CVE CVE-2016-5350 page", url: "https://www.suse.com/security/cve/CVE-2016-5350/", }, { category: "self", summary: "SUSE CVE CVE-2016-5351 page", url: "https://www.suse.com/security/cve/CVE-2016-5351/", }, { category: "self", summary: "SUSE CVE CVE-2016-5352 page", url: "https://www.suse.com/security/cve/CVE-2016-5352/", }, { category: "self", summary: "SUSE CVE CVE-2016-5353 page", url: "https://www.suse.com/security/cve/CVE-2016-5353/", }, { category: "self", summary: "SUSE CVE CVE-2016-5354 page", url: "https://www.suse.com/security/cve/CVE-2016-5354/", }, { category: "self", summary: "SUSE CVE CVE-2016-5355 page", url: "https://www.suse.com/security/cve/CVE-2016-5355/", }, { category: "self", summary: "SUSE CVE CVE-2016-5356 page", url: "https://www.suse.com/security/cve/CVE-2016-5356/", }, { category: "self", summary: "SUSE CVE CVE-2016-5357 page", url: "https://www.suse.com/security/cve/CVE-2016-5357/", }, { category: "self", summary: "SUSE CVE CVE-2016-5358 page", url: "https://www.suse.com/security/cve/CVE-2016-5358/", }, { category: "self", summary: "SUSE CVE CVE-2016-6505 page", url: "https://www.suse.com/security/cve/CVE-2016-6505/", }, { category: "self", summary: "SUSE CVE CVE-2016-6508 page", url: "https://www.suse.com/security/cve/CVE-2016-6508/", }, { category: "self", summary: "SUSE CVE CVE-2016-6509 page", url: "https://www.suse.com/security/cve/CVE-2016-6509/", }, { category: "self", summary: "SUSE CVE CVE-2016-6510 page", url: "https://www.suse.com/security/cve/CVE-2016-6510/", }, { category: "self", summary: "SUSE CVE CVE-2016-6511 page", url: "https://www.suse.com/security/cve/CVE-2016-6511/", }, { category: "self", summary: "SUSE CVE CVE-2016-6512 page", url: "https://www.suse.com/security/cve/CVE-2016-6512/", }, { category: "self", summary: "SUSE CVE CVE-2016-6513 page", url: "https://www.suse.com/security/cve/CVE-2016-6513/", }, { category: "self", summary: "SUSE CVE CVE-2016-7175 page", url: "https://www.suse.com/security/cve/CVE-2016-7175/", }, { category: "self", summary: "SUSE CVE CVE-2016-7176 page", url: "https://www.suse.com/security/cve/CVE-2016-7176/", }, { category: "self", summary: "SUSE CVE CVE-2016-7177 page", url: "https://www.suse.com/security/cve/CVE-2016-7177/", }, { category: "self", summary: "SUSE CVE CVE-2016-7178 page", url: "https://www.suse.com/security/cve/CVE-2016-7178/", }, { category: "self", summary: "SUSE CVE CVE-2016-7179 page", url: "https://www.suse.com/security/cve/CVE-2016-7179/", }, { category: "self", summary: "SUSE CVE CVE-2016-7180 page", url: "https://www.suse.com/security/cve/CVE-2016-7180/", }, { category: "self", summary: "SUSE CVE CVE-2016-9372 page", url: "https://www.suse.com/security/cve/CVE-2016-9372/", }, { category: "self", summary: "SUSE CVE CVE-2016-9373 page", url: "https://www.suse.com/security/cve/CVE-2016-9373/", }, { category: "self", summary: "SUSE CVE CVE-2016-9374 page", url: "https://www.suse.com/security/cve/CVE-2016-9374/", }, { category: "self", summary: "SUSE CVE CVE-2016-9375 page", url: "https://www.suse.com/security/cve/CVE-2016-9375/", }, { category: "self", summary: "SUSE CVE CVE-2016-9376 page", url: "https://www.suse.com/security/cve/CVE-2016-9376/", }, ], title: "wireshark-2.2.2-1.1 on GA media", tracking: { current_release_date: "2024-06-15T00:00:00Z", generator: { date: "2024-06-15T00:00:00Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2024:10199-1", initial_release_date: "2024-06-15T00:00:00Z", revision_history: [ { date: "2024-06-15T00:00:00Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "wireshark-2.2.2-1.1.aarch64", product: { name: "wireshark-2.2.2-1.1.aarch64", product_id: "wireshark-2.2.2-1.1.aarch64", }, }, { category: "product_version", name: "wireshark-devel-2.2.2-1.1.aarch64", product: { name: "wireshark-devel-2.2.2-1.1.aarch64", product_id: "wireshark-devel-2.2.2-1.1.aarch64", }, }, { category: "product_version", name: "wireshark-ui-gtk-2.2.2-1.1.aarch64", product: { name: "wireshark-ui-gtk-2.2.2-1.1.aarch64", product_id: "wireshark-ui-gtk-2.2.2-1.1.aarch64", }, }, { category: "product_version", name: "wireshark-ui-qt-2.2.2-1.1.aarch64", product: { name: "wireshark-ui-qt-2.2.2-1.1.aarch64", product_id: "wireshark-ui-qt-2.2.2-1.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "wireshark-2.2.2-1.1.ppc64le", product: { name: "wireshark-2.2.2-1.1.ppc64le", product_id: "wireshark-2.2.2-1.1.ppc64le", }, }, { category: "product_version", name: "wireshark-devel-2.2.2-1.1.ppc64le", product: { name: "wireshark-devel-2.2.2-1.1.ppc64le", product_id: "wireshark-devel-2.2.2-1.1.ppc64le", }, }, { category: "product_version", name: "wireshark-ui-gtk-2.2.2-1.1.ppc64le", product: { name: "wireshark-ui-gtk-2.2.2-1.1.ppc64le", product_id: "wireshark-ui-gtk-2.2.2-1.1.ppc64le", }, }, { category: "product_version", name: "wireshark-ui-qt-2.2.2-1.1.ppc64le", product: { name: "wireshark-ui-qt-2.2.2-1.1.ppc64le", product_id: "wireshark-ui-qt-2.2.2-1.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "wireshark-2.2.2-1.1.s390x", product: { name: "wireshark-2.2.2-1.1.s390x", product_id: "wireshark-2.2.2-1.1.s390x", }, }, { category: "product_version", name: "wireshark-devel-2.2.2-1.1.s390x", product: { name: "wireshark-devel-2.2.2-1.1.s390x", product_id: "wireshark-devel-2.2.2-1.1.s390x", }, }, { category: "product_version", name: "wireshark-ui-gtk-2.2.2-1.1.s390x", product: { name: "wireshark-ui-gtk-2.2.2-1.1.s390x", product_id: "wireshark-ui-gtk-2.2.2-1.1.s390x", }, }, { category: "product_version", name: "wireshark-ui-qt-2.2.2-1.1.s390x", product: { name: "wireshark-ui-qt-2.2.2-1.1.s390x", product_id: "wireshark-ui-qt-2.2.2-1.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "wireshark-2.2.2-1.1.x86_64", product: { name: "wireshark-2.2.2-1.1.x86_64", product_id: "wireshark-2.2.2-1.1.x86_64", }, }, { category: "product_version", name: "wireshark-devel-2.2.2-1.1.x86_64", product: { name: "wireshark-devel-2.2.2-1.1.x86_64", product_id: "wireshark-devel-2.2.2-1.1.x86_64", }, }, { category: "product_version", name: "wireshark-ui-gtk-2.2.2-1.1.x86_64", product: { name: "wireshark-ui-gtk-2.2.2-1.1.x86_64", product_id: "wireshark-ui-gtk-2.2.2-1.1.x86_64", }, }, { category: "product_version", name: "wireshark-ui-qt-2.2.2-1.1.x86_64", product: { name: "wireshark-ui-qt-2.2.2-1.1.x86_64", product_id: "wireshark-ui-qt-2.2.2-1.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Tumbleweed", product: { name: "openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed", product_identification_helper: { cpe: "cpe:/o:opensuse:tumbleweed", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "wireshark-2.2.2-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", }, product_reference: "wireshark-2.2.2-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "wireshark-2.2.2-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", }, product_reference: "wireshark-2.2.2-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "wireshark-2.2.2-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", }, product_reference: "wireshark-2.2.2-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "wireshark-2.2.2-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", }, product_reference: "wireshark-2.2.2-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "wireshark-devel-2.2.2-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", }, product_reference: "wireshark-devel-2.2.2-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "wireshark-devel-2.2.2-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", }, product_reference: "wireshark-devel-2.2.2-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "wireshark-devel-2.2.2-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", }, product_reference: "wireshark-devel-2.2.2-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "wireshark-devel-2.2.2-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", }, product_reference: "wireshark-devel-2.2.2-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "wireshark-ui-gtk-2.2.2-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", }, product_reference: "wireshark-ui-gtk-2.2.2-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "wireshark-ui-gtk-2.2.2-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", }, product_reference: "wireshark-ui-gtk-2.2.2-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "wireshark-ui-gtk-2.2.2-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", }, product_reference: "wireshark-ui-gtk-2.2.2-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "wireshark-ui-gtk-2.2.2-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", }, product_reference: "wireshark-ui-gtk-2.2.2-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "wireshark-ui-qt-2.2.2-1.1.aarch64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", }, product_reference: "wireshark-ui-qt-2.2.2-1.1.aarch64", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "wireshark-ui-qt-2.2.2-1.1.ppc64le as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", }, product_reference: "wireshark-ui-qt-2.2.2-1.1.ppc64le", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "wireshark-ui-qt-2.2.2-1.1.s390x as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", }, product_reference: "wireshark-ui-qt-2.2.2-1.1.s390x", relates_to_product_reference: "openSUSE Tumbleweed", }, { category: "default_component_of", full_product_name: { name: "wireshark-ui-qt-2.2.2-1.1.x86_64 as component of openSUSE Tumbleweed", product_id: "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", }, product_reference: "wireshark-ui-qt-2.2.2-1.1.x86_64", relates_to_product_reference: "openSUSE Tumbleweed", }, ], }, vulnerabilities: [ { cve: "CVE-2009-1210", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2009-1210", }, ], notes: [ { category: "general", text: "Format string vulnerability in the PROFINET/DCP (PN-DCP) dissector in Wireshark 1.0.6 and earlier allows remote attackers to execute arbitrary code via a PN-DCP packet with format string specifiers in the station name. NOTE: some of these details are obtained from third party information.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2009-1210", url: "https://www.suse.com/security/cve/CVE-2009-1210", }, { category: "external", summary: "SUSE Bug 491449 for CVE-2009-1210", url: "https://bugzilla.suse.com/491449", }, { category: "external", summary: "SUSE Bug 493584 for CVE-2009-1210", url: "https://bugzilla.suse.com/493584", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "critical", }, ], title: "CVE-2009-1210", }, { cve: "CVE-2009-1267", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2009-1267", }, ], notes: [ { category: "general", text: "Unspecified vulnerability in the LDAP dissector in Wireshark 0.99.2 through 1.0.6, when running on Windows, allows remote attackers to cause a denial of service (crash) via unknown attack vectors.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2009-1267", url: "https://www.suse.com/security/cve/CVE-2009-1267", }, { category: "external", summary: "SUSE Bug 493584 for CVE-2009-1267", url: "https://bugzilla.suse.com/493584", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2009-1267", }, { cve: "CVE-2009-1268", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2009-1268", }, ], notes: [ { category: "general", text: "The Check Point High-Availability Protocol (CPHAP) dissector in Wireshark 0.9.6 through 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted FWHA_MY_STATE packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2009-1268", url: "https://www.suse.com/security/cve/CVE-2009-1268", }, { category: "external", summary: "SUSE Bug 493584 for CVE-2009-1268", url: "https://bugzilla.suse.com/493584", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2009-1268", }, { cve: "CVE-2009-1269", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2009-1269", }, ], notes: [ { category: "general", text: "Unspecified vulnerability in Wireshark 0.99.6 through 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted Tektronix .rf5 file.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2009-1269", url: "https://www.suse.com/security/cve/CVE-2009-1269", }, { category: "external", summary: "SUSE Bug 493584 for CVE-2009-1269", url: "https://bugzilla.suse.com/493584", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2009-1269", }, { cve: "CVE-2009-3241", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2009-3241", }, ], notes: [ { category: "general", text: "Unspecified vulnerability in the OpcUa (OPC UA) dissector in Wireshark 0.99.6 through 1.0.8 and 1.2.0 through 1.2.1 allows remote attackers to cause a denial of service (memory and CPU consumption) via malformed OPCUA Service CallRequest packets.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2009-3241", url: "https://www.suse.com/security/cve/CVE-2009-3241", }, { category: "external", summary: "SUSE Bug 541654 for CVE-2009-3241", url: "https://bugzilla.suse.com/541654", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2009-3241", }, { cve: "CVE-2009-3242", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2009-3242", }, ], notes: [ { category: "general", text: "Unspecified vulnerability in packet.c in the GSM A RR dissector in Wireshark 1.2.0 and 1.2.1 allows remote attackers to cause a denial of service (application crash) via unknown vectors related to \"an uninitialized dissector handle,\" which triggers an assertion failure.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2009-3242", url: "https://www.suse.com/security/cve/CVE-2009-3242", }, { category: "external", summary: "SUSE Bug 541659 for CVE-2009-3242", url: "https://bugzilla.suse.com/541659", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2009-3242", }, { cve: "CVE-2009-3243", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2009-3243", }, ], notes: [ { category: "general", text: "Unspecified vulnerability in the TLS dissector in Wireshark 1.2.0 and 1.2.1, when running on Windows, allows remote attackers to cause a denial of service (application crash) via unknown vectors related to TLS 1.2 conversations.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2009-3243", url: "https://www.suse.com/security/cve/CVE-2009-3243", }, { category: "external", summary: "SUSE Bug 541655 for CVE-2009-3243", url: "https://bugzilla.suse.com/541655", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2009-3243", }, { cve: "CVE-2010-1455", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2010-1455", }, ], notes: [ { category: "general", text: "The DOCSIS dissector in Wireshark 0.9.6 through 1.0.12 and 1.2.0 through 1.2.7 allows user-assisted remote attackers to cause a denial of service (application crash) via a malformed packet trace file.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2010-1455", url: "https://www.suse.com/security/cve/CVE-2010-1455", }, { category: "external", summary: "SUSE Bug 603251 for CVE-2010-1455", url: "https://bugzilla.suse.com/603251", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2010-1455", }, { cve: "CVE-2010-2993", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2010-2993", }, ], notes: [ { category: "general", text: "The IPMI dissector in Wireshark 1.2.0 through 1.2.9 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2010-2993", url: "https://www.suse.com/security/cve/CVE-2010-2993", }, { category: "external", summary: "SUSE Bug 630599 for CVE-2010-2993", url: "https://bugzilla.suse.com/630599", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2010-2993", }, { cve: "CVE-2010-3445", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2010-3445", }, ], notes: [ { category: "general", text: "Stack consumption vulnerability in the dissect_ber_unknown function in epan/dissectors/packet-ber.c in the BER dissector in Wireshark 1.4.x before 1.4.1 and 1.2.x before 1.2.12 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a long string in an unknown ASN.1/BER encoded packet, as demonstrated using SNMP.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2010-3445", url: "https://www.suse.com/security/cve/CVE-2010-3445", }, { category: "external", summary: "SUSE Bug 643078 for CVE-2010-3445", url: "https://bugzilla.suse.com/643078", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2010-3445", }, { cve: "CVE-2010-4300", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2010-4300", }, ], notes: [ { category: "general", text: "Heap-based buffer overflow in the dissect_ldss_transfer function (epan/dissectors/packet-ldss.c) in the LDSS dissector in Wireshark 1.2.0 through 1.2.12 and 1.4.0 through 1.4.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an LDSS packet with a long digest line that triggers memory corruption.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2010-4300", url: "https://www.suse.com/security/cve/CVE-2010-4300", }, { category: "external", summary: "SUSE Bug 655448 for CVE-2010-4300", url: "https://bugzilla.suse.com/655448", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2010-4300", }, { cve: "CVE-2010-4301", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2010-4301", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-zbee-zcl.c in the ZigBee ZCL dissector in Wireshark 1.4.0 through 1.4.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted ZCL packet, related to Discover Attributes.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2010-4301", url: "https://www.suse.com/security/cve/CVE-2010-4301", }, { category: "external", summary: "SUSE Bug 655448 for CVE-2010-4301", url: "https://bugzilla.suse.com/655448", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2010-4301", }, { cve: "CVE-2010-4538", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2010-4538", }, ], notes: [ { category: "general", text: "Buffer overflow in the sect_enttec_dmx_da function in epan/dissectors/packet-enttec.c in Wireshark 1.4.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted ENTTEC DMX packet with Run Length Encoding (RLE) compression.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2010-4538", url: "https://www.suse.com/security/cve/CVE-2010-4538", }, { category: "external", summary: "SUSE Bug 662029 for CVE-2010-4538", url: "https://bugzilla.suse.com/662029", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "critical", }, ], title: "CVE-2010-4538", }, { cve: "CVE-2011-0024", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2011-0024", }, ], notes: [ { category: "general", text: "Heap-based buffer overflow in wiretap/pcapng.c in Wireshark before 1.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted capture file.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2011-0024", url: "https://www.suse.com/security/cve/CVE-2011-0024", }, { category: "external", summary: "SUSE Bug 683335 for CVE-2011-0024", url: "https://bugzilla.suse.com/683335", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "critical", }, ], title: "CVE-2011-0024", }, { cve: "CVE-2011-0538", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2011-0538", }, ], notes: [ { category: "general", text: "Wireshark 1.2.0 through 1.2.14, 1.4.0 through 1.4.3, and 1.5.0 frees an uninitialized pointer during processing of a .pcap file in the pcap-ng format, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a malformed file.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2011-0538", url: "https://www.suse.com/security/cve/CVE-2011-0538", }, { category: "external", summary: "SUSE Bug 669908 for CVE-2011-0538", url: "https://bugzilla.suse.com/669908", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2011-0538", }, { cve: "CVE-2011-0713", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2011-0713", }, ], notes: [ { category: "general", text: "Heap-based buffer overflow in wiretap/dct3trace.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long record in a Nokia DCT3 trace file.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2011-0713", url: "https://www.suse.com/security/cve/CVE-2011-0713", }, { category: "external", summary: "SUSE Bug 672916 for CVE-2011-0713", url: "https://bugzilla.suse.com/672916", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2011-0713", }, { cve: "CVE-2011-1138", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2011-1138", }, ], notes: [ { category: "general", text: "Off-by-one error in the dissect_6lowpan_iphc function in packet-6lowpan.c in Wireshark 1.4.0 through 1.4.3 on 32-bit platforms allows remote attackers to cause a denial of service (application crash) via a malformed 6LoWPAN IPv6 packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2011-1138", url: "https://www.suse.com/security/cve/CVE-2011-1138", }, { category: "external", summary: "SUSE Bug 678567 for CVE-2011-1138", url: "https://bugzilla.suse.com/678567", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2011-1138", }, { cve: "CVE-2011-1139", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2011-1139", }, ], notes: [ { category: "general", text: "wiretap/pcapng.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (application crash) via a pcap-ng file that contains a large packet-length field.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2011-1139", url: "https://www.suse.com/security/cve/CVE-2011-1139", }, { category: "external", summary: "SUSE Bug 678568 for CVE-2011-1139", url: "https://bugzilla.suse.com/678568", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2011-1139", }, { cve: "CVE-2011-1140", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2011-1140", }, ], notes: [ { category: "general", text: "Multiple stack consumption vulnerabilities in the dissect_ms_compressed_string and dissect_mscldap_string functions in Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3 allow remote attackers to cause a denial of service (infinite recursion) via a crafted (1) SMB or (2) Connection-less LDAP (CLDAP) packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2011-1140", url: "https://www.suse.com/security/cve/CVE-2011-1140", }, { category: "external", summary: "SUSE Bug 678569 for CVE-2011-1140", url: "https://bugzilla.suse.com/678569", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2011-1140", }, { cve: "CVE-2011-1143", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2011-1143", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-ntlmssp.c in the NTLMSSP dissector in Wireshark before 1.4.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted .pcap file.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2011-1143", url: "https://www.suse.com/security/cve/CVE-2011-1143", }, { category: "external", summary: "SUSE Bug 678571 for CVE-2011-1143", url: "https://bugzilla.suse.com/678571", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2011-1143", }, { cve: "CVE-2011-1590", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2011-1590", }, ], notes: [ { category: "general", text: "The X.509if dissector in Wireshark 1.2.x before 1.2.16 and 1.4.x before 1.4.5 does not properly initialize certain global variables, which allows remote attackers to cause a denial of service (application crash) via a crafted .pcap file.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2011-1590", url: "https://www.suse.com/security/cve/CVE-2011-1590", }, { category: "external", summary: "SUSE Bug 688109 for CVE-2011-1590", url: "https://bugzilla.suse.com/688109", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2011-1590", }, { cve: "CVE-2011-1591", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2011-1591", }, ], notes: [ { category: "general", text: "Stack-based buffer overflow in the DECT dissector in epan/dissectors/packet-dect.c in Wireshark 1.4.x before 1.4.5 allows remote attackers to execute arbitrary code via a crafted .pcap file.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2011-1591", url: "https://www.suse.com/security/cve/CVE-2011-1591", }, { category: "external", summary: "SUSE Bug 688109 for CVE-2011-1591", url: "https://bugzilla.suse.com/688109", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "critical", }, ], title: "CVE-2011-1591", }, { cve: "CVE-2011-1592", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2011-1592", }, ], notes: [ { category: "general", text: "The NFS dissector in epan/dissectors/packet-nfs.c in Wireshark 1.4.x before 1.4.5 on Windows uses an incorrect integer data type during decoding of SETCLIENTID calls, which allows remote attackers to cause a denial of service (application crash) via a crafted .pcap file.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2011-1592", url: "https://www.suse.com/security/cve/CVE-2011-1592", }, { category: "external", summary: "SUSE Bug 688109 for CVE-2011-1592", url: "https://bugzilla.suse.com/688109", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2011-1592", }, { cve: "CVE-2011-1957", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2011-1957", }, ], notes: [ { category: "general", text: "The dissect_dcm_main function in epan/dissectors/packet-dcm.c in the DICOM dissector in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service (infinite loop) via an invalid PDU length.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2011-1957", url: "https://www.suse.com/security/cve/CVE-2011-1957", }, { category: "external", summary: "SUSE Bug 697516 for CVE-2011-1957", url: "https://bugzilla.suse.com/697516", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2011-1957", }, { cve: "CVE-2011-1958", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2011-1958", }, ], notes: [ { category: "general", text: "Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows user-assisted remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted Diameter dictionary file.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2011-1958", url: "https://www.suse.com/security/cve/CVE-2011-1958", }, { category: "external", summary: "SUSE Bug 697516 for CVE-2011-1958", url: "https://bugzilla.suse.com/697516", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2011-1958", }, { cve: "CVE-2011-1959", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2011-1959", }, ], notes: [ { category: "general", text: "The snoop_read function in wiretap/snoop.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 does not properly handle certain virtualizable buffers, which allows remote attackers to cause a denial of service (application crash) via a large length value in a snoop file that triggers a stack-based buffer over-read.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2011-1959", url: "https://www.suse.com/security/cve/CVE-2011-1959", }, { category: "external", summary: "SUSE Bug 697516 for CVE-2011-1959", url: "https://bugzilla.suse.com/697516", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2011-1959", }, { cve: "CVE-2011-2174", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2011-2174", }, ], notes: [ { category: "general", text: "Double free vulnerability in the tvb_uncompress function in epan/tvbuff.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service (application crash) via a packet with malformed data that uses zlib compression.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2011-2174", url: "https://www.suse.com/security/cve/CVE-2011-2174", }, { category: "external", summary: "SUSE Bug 697516 for CVE-2011-2174", url: "https://bugzilla.suse.com/697516", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2011-2174", }, { cve: "CVE-2011-2175", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2011-2175", }, ], notes: [ { category: "general", text: "Integer underflow in the visual_read function in wiretap/visual.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service (application crash) via a malformed Visual Networks file that triggers a heap-based buffer over-read.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2011-2175", url: "https://www.suse.com/security/cve/CVE-2011-2175", }, { category: "external", summary: "SUSE Bug 697516 for CVE-2011-2175", url: "https://bugzilla.suse.com/697516", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2011-2175", }, { cve: "CVE-2011-2597", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2011-2597", }, ], notes: [ { category: "general", text: "The Lucent/Ascend file parser in Wireshark 1.2.x before 1.2.18, 1.4.x through 1.4.7, and 1.6.0 allows remote attackers to cause a denial of service (infinite loop) via malformed packets.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2011-2597", url: "https://www.suse.com/security/cve/CVE-2011-2597", }, { category: "external", summary: "SUSE Bug 706728 for CVE-2011-2597", url: "https://bugzilla.suse.com/706728", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2011-2597", }, { cve: "CVE-2011-2698", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2011-2698", }, ], notes: [ { category: "general", text: "Off-by-one error in the elem_cell_id_aux function in epan/dissectors/packet-ansi_a.c in the ANSI MAP dissector in Wireshark 1.4.x before 1.4.8 and 1.6.x before 1.6.1 allows remote attackers to cause a denial of service (infinite loop) via an invalid packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2011-2698", url: "https://www.suse.com/security/cve/CVE-2011-2698", }, { category: "external", summary: "SUSE Bug 706728 for CVE-2011-2698", url: "https://bugzilla.suse.com/706728", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2011-2698", }, { cve: "CVE-2011-3266", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2011-3266", }, ], notes: [ { category: "general", text: "The proto_tree_add_item function in Wireshark 1.6.0 through 1.6.1 and 1.4.0 through 1.4.8, when the IKEv1 protocol dissector is used, allows user-assisted remote attackers to cause a denial of service (infinite loop) via vectors involving a malformed IKE packet and many items in a tree.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2011-3266", url: "https://www.suse.com/security/cve/CVE-2011-3266", }, { category: "external", summary: "SUSE Bug 718032 for CVE-2011-3266", url: "https://bugzilla.suse.com/718032", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2011-3266", }, { cve: "CVE-2011-3360", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2011-3360", }, ], notes: [ { category: "general", text: "Untrusted search path vulnerability in Wireshark 1.4.x before 1.4.9 and 1.6.x before 1.6.2 allows local users to gain privileges via a Trojan horse Lua script in an unspecified directory.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2011-3360", url: "https://www.suse.com/security/cve/CVE-2011-3360", }, { category: "external", summary: "SUSE Bug 718032 for CVE-2011-3360", url: "https://bugzilla.suse.com/718032", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "critical", }, ], title: "CVE-2011-3360", }, { cve: "CVE-2011-3483", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2011-3483", }, ], notes: [ { category: "general", text: "Wireshark 1.6.x before 1.6.2 allows remote attackers to cause a denial of service (application crash) via a malformed capture file that leads to an invalid root tvbuff, related to a \"buffer exception handling vulnerability.\"", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2011-3483", url: "https://www.suse.com/security/cve/CVE-2011-3483", }, { category: "external", summary: "SUSE Bug 718032 for CVE-2011-3483", url: "https://bugzilla.suse.com/718032", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2011-3483", }, { cve: "CVE-2012-2392", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2012-2392", }, ], notes: [ { category: "general", text: "Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 allows remote attackers to cause a denial of service (infinite loop) via vectors related to the (1) ANSI MAP, (2) ASF, (3) IEEE 802.11, (4) IEEE 802.3, and (5) LTP dissectors.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2012-2392", url: "https://www.suse.com/security/cve/CVE-2012-2392", }, { category: "external", summary: "SUSE Bug 763634 for CVE-2012-2392", url: "https://bugzilla.suse.com/763634", }, { category: "external", summary: "SUSE Bug 763855 for CVE-2012-2392", url: "https://bugzilla.suse.com/763855", }, { category: "external", summary: "SUSE Bug 769578 for CVE-2012-2392", url: "https://bugzilla.suse.com/769578", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2012-2392", }, { cve: "CVE-2012-2393", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2012-2393", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-diameter.c in the DIAMETER dissector in Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 does not properly construct certain array data structures, which allows remote attackers to cause a denial of service (application crash) via a crafted packet that triggers incorrect memory allocation.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2012-2393", url: "https://www.suse.com/security/cve/CVE-2012-2393", }, { category: "external", summary: "SUSE Bug 763634 for CVE-2012-2393", url: "https://bugzilla.suse.com/763634", }, { category: "external", summary: "SUSE Bug 763855 for CVE-2012-2393", url: "https://bugzilla.suse.com/763855", }, { category: "external", summary: "SUSE Bug 763857 for CVE-2012-2393", url: "https://bugzilla.suse.com/763857", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2012-2393", }, { cve: "CVE-2012-2394", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2012-2394", }, ], notes: [ { category: "general", text: "Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 on the SPARC and Itanium platforms does not properly perform data alignment for a certain structure member, which allows remote attackers to cause a denial of service (application crash) via a (1) ICMP or (2) ICMPv6 Echo Request packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2012-2394", url: "https://www.suse.com/security/cve/CVE-2012-2394", }, { category: "external", summary: "SUSE Bug 763634 for CVE-2012-2394", url: "https://bugzilla.suse.com/763634", }, { category: "external", summary: "SUSE Bug 763859 for CVE-2012-2394", url: "https://bugzilla.suse.com/763859", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2012-2394", }, { cve: "CVE-2012-3548", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2012-3548", }, ], notes: [ { category: "general", text: "The dissect_drda function in epan/dissectors/packet-drda.c in Wireshark 1.6.x through 1.6.10 and 1.8.x through 1.8.2 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a small value for a certain length field in a capture file.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2012-3548", url: "https://www.suse.com/security/cve/CVE-2012-3548", }, { category: "external", summary: "SUSE Bug 778000 for CVE-2012-3548", url: "https://bugzilla.suse.com/778000", }, { category: "external", summary: "SUSE Bug 783275 for CVE-2012-3548", url: "https://bugzilla.suse.com/783275", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2012-3548", }, { cve: "CVE-2012-4048", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2012-4048", }, ], notes: [ { category: "general", text: "The PPP dissector in Wireshark 1.4.x before 1.4.14, 1.6.x before 1.6.9, and 1.8.x before 1.8.1 allows remote attackers to cause a denial of service (invalid pointer dereference and application crash) via a crafted packet, as demonstrated by a usbmon dump.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2012-4048", url: "https://www.suse.com/security/cve/CVE-2012-4048", }, { category: "external", summary: "SUSE Bug 772738 for CVE-2012-4048", url: "https://bugzilla.suse.com/772738", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2012-4048", }, { cve: "CVE-2012-4049", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2012-4049", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.4.x before 1.4.14, 1.6.x before 1.6.9, and 1.8.x before 1.8.1 allows remote attackers to cause a denial of service (loop and CPU consumption) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2012-4049", url: "https://www.suse.com/security/cve/CVE-2012-4049", }, { category: "external", summary: "SUSE Bug 772738 for CVE-2012-4049", url: "https://bugzilla.suse.com/772738", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2012-4049", }, { cve: "CVE-2012-4285", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2012-4285", }, ], notes: [ { category: "general", text: "The dissect_pft function in epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a zero-length message.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2012-4285", url: "https://www.suse.com/security/cve/CVE-2012-4285", }, { category: "external", summary: "SUSE Bug 776083 for CVE-2012-4285", url: "https://bugzilla.suse.com/776083", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2012-4285", }, { cve: "CVE-2012-4286", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2012-4286", }, ], notes: [ { category: "general", text: "The pcapng_read_packet_block function in wiretap/pcapng.c in the pcap-ng file parser in Wireshark 1.8.x before 1.8.2 allows user-assisted remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted pcap-ng file.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2012-4286", url: "https://www.suse.com/security/cve/CVE-2012-4286", }, { category: "external", summary: "SUSE Bug 776083 for CVE-2012-4286", url: "https://bugzilla.suse.com/776083", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2012-4286", }, { cve: "CVE-2012-4287", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2012-4287", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-mongo.c in the MongoDB dissector in Wireshark 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop and CPU consumption) via a small value for a BSON document length.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2012-4287", url: "https://www.suse.com/security/cve/CVE-2012-4287", }, { category: "external", summary: "SUSE Bug 776083 for CVE-2012-4287", url: "https://bugzilla.suse.com/776083", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2012-4287", }, { cve: "CVE-2012-4288", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2012-4288", }, ], notes: [ { category: "general", text: "Integer overflow in the dissect_xtp_ecntl function in epan/dissectors/packet-xtp.c in the XTP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop or application crash) via a large value for a span length.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2012-4288", url: "https://www.suse.com/security/cve/CVE-2012-4288", }, { category: "external", summary: "SUSE Bug 776083 for CVE-2012-4288", url: "https://bugzilla.suse.com/776083", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2012-4288", }, { cve: "CVE-2012-4289", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2012-4289", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-afp.c in the AFP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop and CPU consumption) via a large number of ACL entries.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2012-4289", url: "https://www.suse.com/security/cve/CVE-2012-4289", }, { category: "external", summary: "SUSE Bug 776083 for CVE-2012-4289", url: "https://bugzilla.suse.com/776083", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2012-4289", }, { cve: "CVE-2012-4290", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2012-4290", }, ], notes: [ { category: "general", text: "The CTDB dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop and CPU consumption) via a malformed packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2012-4290", url: "https://www.suse.com/security/cve/CVE-2012-4290", }, { category: "external", summary: "SUSE Bug 776083 for CVE-2012-4290", url: "https://bugzilla.suse.com/776083", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2012-4290", }, { cve: "CVE-2012-4291", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2012-4291", }, ], notes: [ { category: "general", text: "The CIP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (memory consumption) via a malformed packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2012-4291", url: "https://www.suse.com/security/cve/CVE-2012-4291", }, { category: "external", summary: "SUSE Bug 776083 for CVE-2012-4291", url: "https://bugzilla.suse.com/776083", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2012-4291", }, { cve: "CVE-2012-4292", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2012-4292", }, ], notes: [ { category: "general", text: "The dissect_stun_message function in epan/dissectors/packet-stun.c in the STUN dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 does not properly interact with key-destruction behavior in a certain tree library, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2012-4292", url: "https://www.suse.com/security/cve/CVE-2012-4292", }, { category: "external", summary: "SUSE Bug 776083 for CVE-2012-4292", url: "https://bugzilla.suse.com/776083", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2012-4292", }, { cve: "CVE-2012-4293", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2012-4293", }, ], notes: [ { category: "general", text: "plugins/ethercat/packet-ecatmb.c in the EtherCAT Mailbox dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 does not properly handle certain integer fields, which allows remote attackers to cause a denial of service (application exit) via a malformed packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2012-4293", url: "https://www.suse.com/security/cve/CVE-2012-4293", }, { category: "external", summary: "SUSE Bug 776083 for CVE-2012-4293", url: "https://bugzilla.suse.com/776083", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2012-4293", }, { cve: "CVE-2012-4294", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2012-4294", }, ], notes: [ { category: "general", text: "Buffer overflow in the channelised_fill_sdh_g707_format function in epan/dissectors/packet-erf.c in the ERF dissector in Wireshark 1.8.x before 1.8.2 allows remote attackers to execute arbitrary code via a large speed (aka rate) value.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2012-4294", url: "https://www.suse.com/security/cve/CVE-2012-4294", }, { category: "external", summary: "SUSE Bug 776083 for CVE-2012-4294", url: "https://bugzilla.suse.com/776083", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2012-4294", }, { cve: "CVE-2012-4295", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2012-4295", }, ], notes: [ { category: "general", text: "Array index error in the channelised_fill_sdh_g707_format function in epan/dissectors/packet-erf.c in the ERF dissector in Wireshark 1.8.x before 1.8.2 might allow remote attackers to cause a denial of service (application crash) via a crafted speed (aka rate) value.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2012-4295", url: "https://www.suse.com/security/cve/CVE-2012-4295", }, { category: "external", summary: "SUSE Bug 776083 for CVE-2012-4295", url: "https://bugzilla.suse.com/776083", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2012-4295", }, { cve: "CVE-2012-4296", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2012-4296", }, ], notes: [ { category: "general", text: "Buffer overflow in epan/dissectors/packet-rtps2.c in the RTPS2 dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (CPU consumption) via a malformed packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2012-4296", url: "https://www.suse.com/security/cve/CVE-2012-4296", }, { category: "external", summary: "SUSE Bug 776083 for CVE-2012-4296", url: "https://bugzilla.suse.com/776083", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2012-4296", }, { cve: "CVE-2012-4297", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2012-4297", }, ], notes: [ { category: "general", text: "Buffer overflow in the dissect_gsm_rlcmac_downlink function in epan/dissectors/packet-gsm_rlcmac.c in the GSM RLC MAC dissector in Wireshark 1.6.x before 1.6.10 and 1.8.x before 1.8.2 allows remote attackers to execute arbitrary code via a malformed packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2012-4297", url: "https://www.suse.com/security/cve/CVE-2012-4297", }, { category: "external", summary: "SUSE Bug 776083 for CVE-2012-4297", url: "https://bugzilla.suse.com/776083", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2012-4297", }, { cve: "CVE-2012-4298", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2012-4298", }, ], notes: [ { category: "general", text: "Integer signedness error in the vwr_read_rec_data_ethernet function in wiretap/vwr.c in the Ixia IxVeriWave file parser in Wireshark 1.8.x before 1.8.2 allows user-assisted remote attackers to execute arbitrary code via a crafted packet-trace file that triggers a buffer overflow.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2012-4298", url: "https://www.suse.com/security/cve/CVE-2012-4298", }, { category: "external", summary: "SUSE Bug 776083 for CVE-2012-4298", url: "https://bugzilla.suse.com/776083", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2012-4298", }, { cve: "CVE-2012-5237", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2012-5237", }, ], notes: [ { category: "general", text: "The dissect_hsrp function in epan/dissectors/packet-hsrp.c in the HSRP dissector in Wireshark 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2012-5237", url: "https://www.suse.com/security/cve/CVE-2012-5237", }, { category: "external", summary: "SUSE Bug 783275 for CVE-2012-5237", url: "https://bugzilla.suse.com/783275", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2012-5237", }, { cve: "CVE-2012-5238", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2012-5238", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-ppp.c in the PPP dissector in Wireshark 1.8.x before 1.8.3 uses incorrect OUI data structures during the decoding of (1) PPP and (2) LCP data, which allows remote attackers to cause a denial of service (assertion failure and application exit) via a malformed packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2012-5238", url: "https://www.suse.com/security/cve/CVE-2012-5238", }, { category: "external", summary: "SUSE Bug 783275 for CVE-2012-5238", url: "https://bugzilla.suse.com/783275", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2012-5238", }, { cve: "CVE-2012-5239", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2012-5239", }, ], notes: [ { category: "general", text: "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-3548. Reason: This candidate is a reservation duplicate of CVE-2012-3548. Notes: All CVE users should reference CVE-2012-3548 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2012-5239", url: "https://www.suse.com/security/cve/CVE-2012-5239", }, { category: "external", summary: "SUSE Bug 783275 for CVE-2012-5239", url: "https://bugzilla.suse.com/783275", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2012-5239", }, { cve: "CVE-2012-5240", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2012-5240", }, ], notes: [ { category: "general", text: "Buffer overflow in the dissect_tlv function in epan/dissectors/packet-ldp.c in the LDP dissector in Wireshark 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a malformed packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2012-5240", url: "https://www.suse.com/security/cve/CVE-2012-5240", }, { category: "external", summary: "SUSE Bug 783275 for CVE-2012-5240", url: "https://bugzilla.suse.com/783275", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2012-5240", }, { cve: "CVE-2012-5592", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2012-5592", }, ], notes: [ { category: "general", text: "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-6052. Reason: This candidate is a reservation duplicate of CVE-2012-6052. Notes: All CVE users should reference CVE-2012-6052 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2012-5592", url: "https://www.suse.com/security/cve/CVE-2012-5592", }, { category: "external", summary: "SUSE Bug 792005 for CVE-2012-5592", url: "https://bugzilla.suse.com/792005", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2012-5592", }, { cve: "CVE-2012-5593", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2012-5593", }, ], notes: [ { category: "general", text: "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-6053. Reason: This candidate is a reservation duplicate of CVE-2012-6053. Notes: All CVE users should reference CVE-2012-6053 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2012-5593", url: "https://www.suse.com/security/cve/CVE-2012-5593", }, { category: "external", summary: "SUSE Bug 792005 for CVE-2012-5593", url: "https://bugzilla.suse.com/792005", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2012-5593", }, { cve: "CVE-2012-5594", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2012-5594", }, ], notes: [ { category: "general", text: "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-6054. Reason: This candidate is a reservation duplicate of CVE-2012-6054. Notes: All CVE users should reference CVE-2012-6054 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2012-5594", url: "https://www.suse.com/security/cve/CVE-2012-5594", }, { category: "external", summary: "SUSE Bug 792005 for CVE-2012-5594", url: "https://bugzilla.suse.com/792005", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2012-5594", }, { cve: "CVE-2012-5595", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2012-5595", }, ], notes: [ { category: "general", text: "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-6056. Reason: This candidate is a reservation duplicate of CVE-2012-6056. Notes: All CVE users should reference CVE-2012-6056 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2012-5595", url: "https://www.suse.com/security/cve/CVE-2012-5595", }, { category: "external", summary: "SUSE Bug 792005 for CVE-2012-5595", url: "https://bugzilla.suse.com/792005", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2012-5595", }, { cve: "CVE-2012-5596", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2012-5596", }, ], notes: [ { category: "general", text: "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-6057. Reason: This candidate is a reservation duplicate of CVE-2012-6057. Notes: All CVE users should reference CVE-2012-6057 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2012-5596", url: "https://www.suse.com/security/cve/CVE-2012-5596", }, { category: "external", summary: "SUSE Bug 792005 for CVE-2012-5596", url: "https://bugzilla.suse.com/792005", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2012-5596", }, { cve: "CVE-2012-5597", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2012-5597", }, ], notes: [ { category: "general", text: "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-6059. Reason: This candidate is a reservation duplicate of CVE-2012-6059. Notes: All CVE users should reference CVE-2012-6059 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2012-5597", url: "https://www.suse.com/security/cve/CVE-2012-5597", }, { category: "external", summary: "SUSE Bug 792005 for CVE-2012-5597", url: "https://bugzilla.suse.com/792005", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2012-5597", }, { cve: "CVE-2012-5598", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2012-5598", }, ], notes: [ { category: "general", text: "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-6060. Reason: This candidate is a reservation duplicate of CVE-2012-6060. Notes: All CVE users should reference CVE-2012-6060 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2012-5598", url: "https://www.suse.com/security/cve/CVE-2012-5598", }, { category: "external", summary: "SUSE Bug 792005 for CVE-2012-5598", url: "https://bugzilla.suse.com/792005", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2012-5598", }, { cve: "CVE-2012-5599", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2012-5599", }, ], notes: [ { category: "general", text: "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-6061. Reason: This candidate is a reservation duplicate of CVE-2012-6061. Notes: All CVE users should reference CVE-2012-6061 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2012-5599", url: "https://www.suse.com/security/cve/CVE-2012-5599", }, { category: "external", summary: "SUSE Bug 792005 for CVE-2012-5599", url: "https://bugzilla.suse.com/792005", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2012-5599", }, { cve: "CVE-2012-5600", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2012-5600", }, ], notes: [ { category: "general", text: "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-6062. Reason: This candidate is a reservation duplicate of CVE-2012-6062. Notes: All CVE users should reference CVE-2012-6062 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2012-5600", url: "https://www.suse.com/security/cve/CVE-2012-5600", }, { category: "external", summary: "SUSE Bug 792005 for CVE-2012-5600", url: "https://bugzilla.suse.com/792005", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2012-5600", }, { cve: "CVE-2012-5601", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2012-5601", }, ], notes: [ { category: "general", text: "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-6055. Reason: This candidate is a reservation duplicate of CVE-2012-6055. Notes: All CVE users should reference CVE-2012-6055 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2012-5601", url: "https://www.suse.com/security/cve/CVE-2012-5601", }, { category: "external", summary: "SUSE Bug 792005 for CVE-2012-5601", url: "https://bugzilla.suse.com/792005", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2012-5601", }, { cve: "CVE-2012-5602", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2012-5602", }, ], notes: [ { category: "general", text: "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-6058. Reason: This candidate is a reservation duplicate of CVE-2012-6058. Notes: All CVE users should reference CVE-2012-6058 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2012-5602", url: "https://www.suse.com/security/cve/CVE-2012-5602", }, { category: "external", summary: "SUSE Bug 792005 for CVE-2012-5602", url: "https://bugzilla.suse.com/792005", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "low", }, ], title: "CVE-2012-5602", }, { cve: "CVE-2013-1572", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-1572", }, ], notes: [ { category: "general", text: "The dissect_oampdu_event_notification function in epan/dissectors/packet-slowprotocols.c in the IEEE 802.3 Slow Protocols dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle certain short lengths, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-1572", url: "https://www.suse.com/security/cve/CVE-2013-1572", }, { category: "external", summary: "SUSE Bug 801131 for CVE-2013-1572", url: "https://bugzilla.suse.com/801131", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2013-1572", }, { cve: "CVE-2013-1573", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-1573", }, ], notes: [ { category: "general", text: "The csnStreamDissector function in epan/dissectors/packet-csn1.c in the CSN.1 dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle a large number of padding bits, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-1573", url: "https://www.suse.com/security/cve/CVE-2013-1573", }, { category: "external", summary: "SUSE Bug 801131 for CVE-2013-1573", url: "https://bugzilla.suse.com/801131", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2013-1573", }, { cve: "CVE-2013-1574", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-1574", }, ], notes: [ { category: "general", text: "The dissect_bthci_eir_ad_data function in epan/dissectors/packet-bthci_cmd.c in the Bluetooth HCI dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 uses an incorrect data type for a counter variable, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-1574", url: "https://www.suse.com/security/cve/CVE-2013-1574", }, { category: "external", summary: "SUSE Bug 801131 for CVE-2013-1574", url: "https://bugzilla.suse.com/801131", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2013-1574", }, { cve: "CVE-2013-1575", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-1575", }, ], notes: [ { category: "general", text: "The dissect_r3_cmd_alarmconfigure function in epan/dissectors/packet-assa_r3.c in the R3 dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle a certain alarm length, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-1575", url: "https://www.suse.com/security/cve/CVE-2013-1575", }, { category: "external", summary: "SUSE Bug 801131 for CVE-2013-1575", url: "https://bugzilla.suse.com/801131", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2013-1575", }, { cve: "CVE-2013-1576", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-1576", }, ], notes: [ { category: "general", text: "The dissect_sdp_media_attribute function in epan/dissectors/packet-sdp.c in the SDP dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly process crypto-suite parameters, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-1576", url: "https://www.suse.com/security/cve/CVE-2013-1576", }, { category: "external", summary: "SUSE Bug 801131 for CVE-2013-1576", url: "https://bugzilla.suse.com/801131", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2013-1576", }, { cve: "CVE-2013-1577", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-1577", }, ], notes: [ { category: "general", text: "The dissect_sip_p_charging_func_addresses function in epan/dissectors/packet-sip.c in the SIP dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle offset data associated with a quoted string, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-1577", url: "https://www.suse.com/security/cve/CVE-2013-1577", }, { category: "external", summary: "SUSE Bug 801131 for CVE-2013-1577", url: "https://bugzilla.suse.com/801131", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2013-1577", }, { cve: "CVE-2013-1578", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-1578", }, ], notes: [ { category: "general", text: "The dissect_pw_eth_heuristic function in epan/dissectors/packet-pw-eth.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle apparent Ethernet address values at the beginning of MPLS data, which allows remote attackers to cause a denial of service (loop) via a malformed packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-1578", url: "https://www.suse.com/security/cve/CVE-2013-1578", }, { category: "external", summary: "SUSE Bug 801131 for CVE-2013-1578", url: "https://bugzilla.suse.com/801131", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2013-1578", }, { cve: "CVE-2013-1579", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-1579", }, ], notes: [ { category: "general", text: "The rtps_util_add_bitmap function in epan/dissectors/packet-rtps.c in the RTPS dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly implement certain nested loops for processing bitmap data, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-1579", url: "https://www.suse.com/security/cve/CVE-2013-1579", }, { category: "external", summary: "SUSE Bug 801131 for CVE-2013-1579", url: "https://bugzilla.suse.com/801131", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2013-1579", }, { cve: "CVE-2013-1580", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-1580", }, ], notes: [ { category: "general", text: "The dissect_cmstatus_tlv function in plugins/docsis/packet-cmstatus.c in the DOCSIS CM-STATUS dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 uses an incorrect data type for a position variable, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-1580", url: "https://www.suse.com/security/cve/CVE-2013-1580", }, { category: "external", summary: "SUSE Bug 801131 for CVE-2013-1580", url: "https://bugzilla.suse.com/801131", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2013-1580", }, { cve: "CVE-2013-1581", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-1581", }, ], notes: [ { category: "general", text: "The dissect_pft_fec_detailed function in epan/dissectors/packet-dcp-etsi.c in the DCP-ETSI dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle fragment gaps, which allows remote attackers to cause a denial of service (loop) via a malformed packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-1581", url: "https://www.suse.com/security/cve/CVE-2013-1581", }, { category: "external", summary: "SUSE Bug 801131 for CVE-2013-1581", url: "https://bugzilla.suse.com/801131", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2013-1581", }, { cve: "CVE-2013-1582", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-1582", }, ], notes: [ { category: "general", text: "The dissect_clnp function in epan/dissectors/packet-clnp.c in the CLNP dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly manage an offset variable, which allows remote attackers to cause a denial of service (infinite loop or application crash) via a malformed packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-1582", url: "https://www.suse.com/security/cve/CVE-2013-1582", }, { category: "external", summary: "SUSE Bug 801131 for CVE-2013-1582", url: "https://bugzilla.suse.com/801131", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2013-1582", }, { cve: "CVE-2013-1583", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-1583", }, ], notes: [ { category: "general", text: "The dissect_version_4_primary_header function in epan/dissectors/packet-dtn.c in the DTN dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 accesses an inappropriate pointer, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-1583", url: "https://www.suse.com/security/cve/CVE-2013-1583", }, { category: "external", summary: "SUSE Bug 801131 for CVE-2013-1583", url: "https://bugzilla.suse.com/801131", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2013-1583", }, { cve: "CVE-2013-1584", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-1584", }, ], notes: [ { category: "general", text: "The dissect_version_5_and_6_primary_header function in epan/dissectors/packet-dtn.c in the DTN dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 accesses an inappropriate pointer, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-1584", url: "https://www.suse.com/security/cve/CVE-2013-1584", }, { category: "external", summary: "SUSE Bug 801131 for CVE-2013-1584", url: "https://bugzilla.suse.com/801131", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2013-1584", }, { cve: "CVE-2013-1585", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-1585", }, ], notes: [ { category: "general", text: "epan/tvbuff.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly validate certain length values for the MS-MMC dissector, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-1585", url: "https://www.suse.com/security/cve/CVE-2013-1585", }, { category: "external", summary: "SUSE Bug 801131 for CVE-2013-1585", url: "https://bugzilla.suse.com/801131", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2013-1585", }, { cve: "CVE-2013-1586", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-1586", }, ], notes: [ { category: "general", text: "The fragment_set_tot_len function in epan/reassemble.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly determine the length of a reassembled packet for the DTLS dissector, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-1586", url: "https://www.suse.com/security/cve/CVE-2013-1586", }, { category: "external", summary: "SUSE Bug 801131 for CVE-2013-1586", url: "https://bugzilla.suse.com/801131", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2013-1586", }, { cve: "CVE-2013-1587", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-1587", }, ], notes: [ { category: "general", text: "The dissect_rohc_ir_packet function in epan/dissectors/packet-rohc.c in the ROHC dissector in Wireshark 1.8.x before 1.8.5 does not properly handle unknown profiles, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-1587", url: "https://www.suse.com/security/cve/CVE-2013-1587", }, { category: "external", summary: "SUSE Bug 801131 for CVE-2013-1587", url: "https://bugzilla.suse.com/801131", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2013-1587", }, { cve: "CVE-2013-1588", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-1588", }, ], notes: [ { category: "general", text: "Multiple buffer overflows in the dissect_pft_fec_detailed function in the DCP-ETSI dissector in epan/dissectors/packet-dcp-etsi.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 allow remote attackers to cause a denial of service (application crash) via a malformed packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-1588", url: "https://www.suse.com/security/cve/CVE-2013-1588", }, { category: "external", summary: "SUSE Bug 801131 for CVE-2013-1588", url: "https://bugzilla.suse.com/801131", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2013-1588", }, { cve: "CVE-2013-1589", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-1589", }, ], notes: [ { category: "general", text: "Double free vulnerability in epan/proto.c in the dissection engine in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 allows remote attackers to cause a denial of service (application crash) via a malformed packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-1589", url: "https://www.suse.com/security/cve/CVE-2013-1589", }, { category: "external", summary: "SUSE Bug 801131 for CVE-2013-1589", url: "https://bugzilla.suse.com/801131", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2013-1589", }, { cve: "CVE-2013-1590", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-1590", }, ], notes: [ { category: "general", text: "Buffer overflow in the NTLMSSP dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 allows remote attackers to cause a denial of service (application crash) via a malformed packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-1590", url: "https://www.suse.com/security/cve/CVE-2013-1590", }, { category: "external", summary: "SUSE Bug 801131 for CVE-2013-1590", url: "https://bugzilla.suse.com/801131", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2013-1590", }, { cve: "CVE-2013-2475", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-2475", }, ], notes: [ { category: "general", text: "The TCP dissector in Wireshark 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (application crash) via a malformed packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-2475", url: "https://www.suse.com/security/cve/CVE-2013-2475", }, { category: "external", summary: "SUSE Bug 807942 for CVE-2013-2475", url: "https://bugzilla.suse.com/807942", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2013-2475", }, { cve: "CVE-2013-2476", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-2476", }, ], notes: [ { category: "general", text: "The dissect_hartip function in epan/dissectors/packet-hartip.c in the HART/IP dissector in Wireshark 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via a packet with a header that is too short.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-2476", url: "https://www.suse.com/security/cve/CVE-2013-2476", }, { category: "external", summary: "SUSE Bug 807942 for CVE-2013-2476", url: "https://bugzilla.suse.com/807942", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2013-2476", }, { cve: "CVE-2013-2477", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-2477", }, ], notes: [ { category: "general", text: "The CSN.1 dissector in Wireshark 1.8.x before 1.8.6 does not properly manage function pointers, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-2477", url: "https://www.suse.com/security/cve/CVE-2013-2477", }, { category: "external", summary: "SUSE Bug 807942 for CVE-2013-2477", url: "https://bugzilla.suse.com/807942", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2013-2477", }, { cve: "CVE-2013-2478", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-2478", }, ], notes: [ { category: "general", text: "The dissect_server_info function in epan/dissectors/packet-ms-mms.c in the MS-MMS dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 does not properly manage string lengths, which allows remote attackers to cause a denial of service (application crash) via a malformed packet that (1) triggers an integer overflow or (2) has embedded '\\0' characters in a string.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-2478", url: "https://www.suse.com/security/cve/CVE-2013-2478", }, { category: "external", summary: "SUSE Bug 807942 for CVE-2013-2478", url: "https://bugzilla.suse.com/807942", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2013-2478", }, { cve: "CVE-2013-2479", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-2479", }, ], notes: [ { category: "general", text: "The dissect_mpls_echo_tlv_dd_map function in epan/dissectors/packet-mpls-echo.c in the MPLS Echo dissector in Wireshark 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via invalid Sub-tlv data.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-2479", url: "https://www.suse.com/security/cve/CVE-2013-2479", }, { category: "external", summary: "SUSE Bug 807942 for CVE-2013-2479", url: "https://bugzilla.suse.com/807942", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2013-2479", }, { cve: "CVE-2013-2480", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-2480", }, ], notes: [ { category: "general", text: "The RTPS and RTPS2 dissectors in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allow remote attackers to cause a denial of service (application crash) via a malformed packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-2480", url: "https://www.suse.com/security/cve/CVE-2013-2480", }, { category: "external", summary: "SUSE Bug 807942 for CVE-2013-2480", url: "https://bugzilla.suse.com/807942", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2013-2480", }, { cve: "CVE-2013-2481", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-2481", }, ], notes: [ { category: "general", text: "Integer signedness error in the dissect_mount_dirpath_call function in epan/dissectors/packet-mount.c in the Mount dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6, when nfs_file_name_snooping is enabled, allows remote attackers to cause a denial of service (application crash) via a negative length value.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-2481", url: "https://www.suse.com/security/cve/CVE-2013-2481", }, { category: "external", summary: "SUSE Bug 807942 for CVE-2013-2481", url: "https://bugzilla.suse.com/807942", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2013-2481", }, { cve: "CVE-2013-2482", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-2482", }, ], notes: [ { category: "general", text: "The AMPQ dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-2482", url: "https://www.suse.com/security/cve/CVE-2013-2482", }, { category: "external", summary: "SUSE Bug 807942 for CVE-2013-2482", url: "https://bugzilla.suse.com/807942", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2013-2482", }, { cve: "CVE-2013-2483", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-2483", }, ], notes: [ { category: "general", text: "The acn_add_dmp_data function in epan/dissectors/packet-acn.c in the ACN dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via an invalid count value in ACN_DMP_ADT_D_RE DMP data.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-2483", url: "https://www.suse.com/security/cve/CVE-2013-2483", }, { category: "external", summary: "SUSE Bug 807942 for CVE-2013-2483", url: "https://bugzilla.suse.com/807942", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2013-2483", }, { cve: "CVE-2013-2484", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-2484", }, ], notes: [ { category: "general", text: "The CIMD dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (application crash) via a malformed packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-2484", url: "https://www.suse.com/security/cve/CVE-2013-2484", }, { category: "external", summary: "SUSE Bug 807942 for CVE-2013-2484", url: "https://bugzilla.suse.com/807942", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2013-2484", }, { cve: "CVE-2013-2485", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-2485", }, ], notes: [ { category: "general", text: "The FCSP dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-2485", url: "https://www.suse.com/security/cve/CVE-2013-2485", }, { category: "external", summary: "SUSE Bug 807942 for CVE-2013-2485", url: "https://bugzilla.suse.com/807942", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2013-2485", }, { cve: "CVE-2013-2486", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-2486", }, ], notes: [ { category: "general", text: "The dissect_diagnosticrequest function in epan/dissectors/packet-reload.c in the REsource LOcation And Discovery (aka RELOAD) dissector in Wireshark 1.8.x before 1.8.6 uses an incorrect integer data type, which allows remote attackers to cause a denial of service (infinite loop) via crafted integer values in a packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-2486", url: "https://www.suse.com/security/cve/CVE-2013-2486", }, { category: "external", summary: "SUSE Bug 807942 for CVE-2013-2486", url: "https://bugzilla.suse.com/807942", }, { category: "external", summary: "SUSE Bug 820566 for CVE-2013-2486", url: "https://bugzilla.suse.com/820566", }, { category: "external", summary: "SUSE Bug 820973 for CVE-2013-2486", url: "https://bugzilla.suse.com/820973", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2013-2486", }, { cve: "CVE-2013-2487", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-2487", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-reload.c in the REsource LOcation And Discovery (aka RELOAD) dissector in Wireshark 1.8.x before 1.8.6 uses incorrect integer data types, which allows remote attackers to cause a denial of service (infinite loop) via crafted integer values in a packet, related to the (1) dissect_icecandidates, (2) dissect_kinddata, (3) dissect_nodeid_list, (4) dissect_storeans, (5) dissect_storereq, (6) dissect_storeddataspecifier, (7) dissect_fetchreq, (8) dissect_findans, (9) dissect_diagnosticinfo, (10) dissect_diagnosticresponse, (11) dissect_reload_messagecontents, and (12) dissect_reload_message functions, a different vulnerability than CVE-2013-2486.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-2487", url: "https://www.suse.com/security/cve/CVE-2013-2487", }, { category: "external", summary: "SUSE Bug 807942 for CVE-2013-2487", url: "https://bugzilla.suse.com/807942", }, { category: "external", summary: "SUSE Bug 820566 for CVE-2013-2487", url: "https://bugzilla.suse.com/820566", }, { category: "external", summary: "SUSE Bug 820973 for CVE-2013-2487", url: "https://bugzilla.suse.com/820973", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2013-2487", }, { cve: "CVE-2013-2488", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-2488", }, ], notes: [ { category: "general", text: "The DTLS dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 does not validate the fragment offset before invoking the reassembly state machine, which allows remote attackers to cause a denial of service (application crash) via a large offset value that triggers write access to an invalid memory location.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-2488", url: "https://www.suse.com/security/cve/CVE-2013-2488", }, { category: "external", summary: "SUSE Bug 807942 for CVE-2013-2488", url: "https://bugzilla.suse.com/807942", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2013-2488", }, { cve: "CVE-2013-3555", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-3555", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-gtpv2.c in the GTPv2 dissector in Wireshark 1.8.x before 1.8.7 calls incorrect functions in certain contexts related to ciphers, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-3555", url: "https://www.suse.com/security/cve/CVE-2013-3555", }, { category: "external", summary: "SUSE Bug 820566 for CVE-2013-3555", url: "https://bugzilla.suse.com/820566", }, { category: "external", summary: "SUSE Bug 820973 for CVE-2013-3555", url: "https://bugzilla.suse.com/820973", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2013-3555", }, { cve: "CVE-2013-3556", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-3556", }, ], notes: [ { category: "general", text: "The fragment_add_seq_common function in epan/reassemble.c in the ASN.1 BER dissector in Wireshark before r48943 has an incorrect pointer dereference during a comparison, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-3556", url: "https://www.suse.com/security/cve/CVE-2013-3556", }, { category: "external", summary: "SUSE Bug 820566 for CVE-2013-3556", url: "https://bugzilla.suse.com/820566", }, { category: "external", summary: "SUSE Bug 820973 for CVE-2013-3556", url: "https://bugzilla.suse.com/820973", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2013-3556", }, { cve: "CVE-2013-3557", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-3557", }, ], notes: [ { category: "general", text: "The dissect_ber_choice function in epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.6.x before 1.6.15 and 1.8.x before 1.8.7 does not properly initialize a certain variable, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-3557", url: "https://www.suse.com/security/cve/CVE-2013-3557", }, { category: "external", summary: "SUSE Bug 820566 for CVE-2013-3557", url: "https://bugzilla.suse.com/820566", }, { category: "external", summary: "SUSE Bug 820973 for CVE-2013-3557", url: "https://bugzilla.suse.com/820973", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2013-3557", }, { cve: "CVE-2013-3558", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-3558", }, ], notes: [ { category: "general", text: "The dissect_ccp_bsdcomp_opt function in epan/dissectors/packet-ppp.c in the PPP CCP dissector in Wireshark 1.8.x before 1.8.7 does not terminate a bit-field list, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-3558", url: "https://www.suse.com/security/cve/CVE-2013-3558", }, { category: "external", summary: "SUSE Bug 820566 for CVE-2013-3558", url: "https://bugzilla.suse.com/820566", }, { category: "external", summary: "SUSE Bug 820973 for CVE-2013-3558", url: "https://bugzilla.suse.com/820973", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2013-3558", }, { cve: "CVE-2013-3559", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-3559", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.8.x before 1.8.7 uses incorrect integer data types, which allows remote attackers to cause a denial of service (integer overflow, and heap memory corruption or NULL pointer dereference, and application crash) via a malformed packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-3559", url: "https://www.suse.com/security/cve/CVE-2013-3559", }, { category: "external", summary: "SUSE Bug 820566 for CVE-2013-3559", url: "https://bugzilla.suse.com/820566", }, { category: "external", summary: "SUSE Bug 820973 for CVE-2013-3559", url: "https://bugzilla.suse.com/820973", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2013-3559", }, { cve: "CVE-2013-3560", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-3560", }, ], notes: [ { category: "general", text: "The dissect_dsmcc_un_download function in epan/dissectors/packet-mpeg-dsmcc.c in the MPEG DSM-CC dissector in Wireshark 1.8.x before 1.8.7 uses an incorrect format string, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-3560", url: "https://www.suse.com/security/cve/CVE-2013-3560", }, { category: "external", summary: "SUSE Bug 820566 for CVE-2013-3560", url: "https://bugzilla.suse.com/820566", }, { category: "external", summary: "SUSE Bug 820973 for CVE-2013-3560", url: "https://bugzilla.suse.com/820973", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2013-3560", }, { cve: "CVE-2013-3561", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-3561", }, ], notes: [ { category: "general", text: "Multiple integer overflows in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a denial of service (loop or application crash) via a malformed packet, related to a crash of the Websocket dissector, an infinite loop in the MySQL dissector, and a large loop in the ETCH dissector.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-3561", url: "https://www.suse.com/security/cve/CVE-2013-3561", }, { category: "external", summary: "SUSE Bug 820566 for CVE-2013-3561", url: "https://bugzilla.suse.com/820566", }, { category: "external", summary: "SUSE Bug 820973 for CVE-2013-3561", url: "https://bugzilla.suse.com/820973", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2013-3561", }, { cve: "CVE-2013-3562", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-3562", }, ], notes: [ { category: "general", text: "Multiple integer signedness errors in the tvb_unmasked function in epan/dissectors/packet-websocket.c in the Websocket dissector in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a denial of service (application crash) via a malformed packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-3562", url: "https://www.suse.com/security/cve/CVE-2013-3562", }, { category: "external", summary: "SUSE Bug 820566 for CVE-2013-3562", url: "https://bugzilla.suse.com/820566", }, { category: "external", summary: "SUSE Bug 820973 for CVE-2013-3562", url: "https://bugzilla.suse.com/820973", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2013-3562", }, { cve: "CVE-2013-4083", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4083", }, ], notes: [ { category: "general", text: "The dissect_pft function in epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.6.x before 1.6.16, 1.8.x before 1.8.8, and 1.10.0 does not validate a certain fragment length value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4083", url: "https://www.suse.com/security/cve/CVE-2013-4083", }, { category: "external", summary: "SUSE Bug 824900 for CVE-2013-4083", url: "https://bugzilla.suse.com/824900", }, { category: "external", summary: "SUSE Bug 831718 for CVE-2013-4083", url: "https://bugzilla.suse.com/831718", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2013-4083", }, { cve: "CVE-2013-4920", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4920", }, ], notes: [ { category: "general", text: "The P1 dissector in Wireshark 1.10.x before 1.10.1 does not properly initialize a global variable, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4920", url: "https://www.suse.com/security/cve/CVE-2013-4920", }, { category: "external", summary: "SUSE Bug 831718 for CVE-2013-4920", url: "https://bugzilla.suse.com/831718", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2013-4920", }, { cve: "CVE-2013-4921", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4921", }, ], notes: [ { category: "general", text: "Off-by-one error in the dissect_radiotap function in epan/dissectors/packet-ieee80211-radiotap.c in the Radiotap dissector in Wireshark 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4921", url: "https://www.suse.com/security/cve/CVE-2013-4921", }, { category: "external", summary: "SUSE Bug 831718 for CVE-2013-4921", url: "https://bugzilla.suse.com/831718", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2013-4921", }, { cve: "CVE-2013-4922", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4922", }, ], notes: [ { category: "general", text: "Double free vulnerability in the dissect_dcom_ActivationProperties function in epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4922", url: "https://www.suse.com/security/cve/CVE-2013-4922", }, { category: "external", summary: "SUSE Bug 831718 for CVE-2013-4922", url: "https://bugzilla.suse.com/831718", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2013-4922", }, { cve: "CVE-2013-4923", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4923", }, ], notes: [ { category: "general", text: "Memory leak in the dissect_dcom_ActivationProperties function in epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (memory consumption) via crafted packets.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4923", url: "https://www.suse.com/security/cve/CVE-2013-4923", }, { category: "external", summary: "SUSE Bug 831718 for CVE-2013-4923", url: "https://bugzilla.suse.com/831718", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2013-4923", }, { cve: "CVE-2013-4924", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4924", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 does not properly validate certain index values, which allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4924", url: "https://www.suse.com/security/cve/CVE-2013-4924", }, { category: "external", summary: "SUSE Bug 831718 for CVE-2013-4924", url: "https://bugzilla.suse.com/831718", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2013-4924", }, { cve: "CVE-2013-4925", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4925", }, ], notes: [ { category: "general", text: "Integer signedness error in epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4925", url: "https://www.suse.com/security/cve/CVE-2013-4925", }, { category: "external", summary: "SUSE Bug 831718 for CVE-2013-4925", url: "https://bugzilla.suse.com/831718", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2013-4925", }, { cve: "CVE-2013-4926", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4926", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 does not properly determine whether there is remaining packet data to process, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4926", url: "https://www.suse.com/security/cve/CVE-2013-4926", }, { category: "external", summary: "SUSE Bug 831718 for CVE-2013-4926", url: "https://bugzilla.suse.com/831718", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2013-4926", }, { cve: "CVE-2013-4927", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4927", }, ], notes: [ { category: "general", text: "Integer signedness error in the get_type_length function in epan/dissectors/packet-btsdp.c in the Bluetooth SDP dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (loop and CPU consumption) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4927", url: "https://www.suse.com/security/cve/CVE-2013-4927", }, { category: "external", summary: "SUSE Bug 831718 for CVE-2013-4927", url: "https://bugzilla.suse.com/831718", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2013-4927", }, { cve: "CVE-2013-4928", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4928", }, ], notes: [ { category: "general", text: "Integer signedness error in the dissect_headers function in epan/dissectors/packet-btobex.c in the Bluetooth OBEX dissector in Wireshark 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4928", url: "https://www.suse.com/security/cve/CVE-2013-4928", }, { category: "external", summary: "SUSE Bug 831718 for CVE-2013-4928", url: "https://bugzilla.suse.com/831718", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2013-4928", }, { cve: "CVE-2013-4929", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4929", }, ], notes: [ { category: "general", text: "The parseFields function in epan/dissectors/packet-dis-pdus.c in the DIS dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not terminate packet-data processing after finding zero remaining bytes, which allows remote attackers to cause a denial of service (loop) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4929", url: "https://www.suse.com/security/cve/CVE-2013-4929", }, { category: "external", summary: "SUSE Bug 831718 for CVE-2013-4929", url: "https://bugzilla.suse.com/831718", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2013-4929", }, { cve: "CVE-2013-4930", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4930", }, ], notes: [ { category: "general", text: "The dissect_dvbci_tpdu_hdr function in epan/dissectors/packet-dvbci.c in the DVB-CI dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not validate a certain length value before decrementing it, which allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4930", url: "https://www.suse.com/security/cve/CVE-2013-4930", }, { category: "external", summary: "SUSE Bug 831718 for CVE-2013-4930", url: "https://bugzilla.suse.com/831718", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2013-4930", }, { cve: "CVE-2013-4931", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4931", }, ], notes: [ { category: "general", text: "epan/proto.c in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (loop) via a crafted packet that is not properly handled by the GSM RR dissector.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4931", url: "https://www.suse.com/security/cve/CVE-2013-4931", }, { category: "external", summary: "SUSE Bug 831718 for CVE-2013-4931", url: "https://bugzilla.suse.com/831718", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2013-4931", }, { cve: "CVE-2013-4932", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4932", }, ], notes: [ { category: "general", text: "Multiple array index errors in epan/dissectors/packet-gsm_a_common.c in the GSM A Common dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 allow remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4932", url: "https://www.suse.com/security/cve/CVE-2013-4932", }, { category: "external", summary: "SUSE Bug 831718 for CVE-2013-4932", url: "https://bugzilla.suse.com/831718", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2013-4932", }, { cve: "CVE-2013-4933", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4933", }, ], notes: [ { category: "general", text: "The netmon_open function in wiretap/netmon.c in the Netmon file parser in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) via a crafted packet-trace file.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4933", url: "https://www.suse.com/security/cve/CVE-2013-4933", }, { category: "external", summary: "SUSE Bug 831718 for CVE-2013-4933", url: "https://bugzilla.suse.com/831718", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2013-4933", }, { cve: "CVE-2013-4934", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4934", }, ], notes: [ { category: "general", text: "The netmon_open function in wiretap/netmon.c in the Netmon file parser in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not initialize certain structure members, which allows remote attackers to cause a denial of service (application crash) via a crafted packet-trace file.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4934", url: "https://www.suse.com/security/cve/CVE-2013-4934", }, { category: "external", summary: "SUSE Bug 831718 for CVE-2013-4934", url: "https://bugzilla.suse.com/831718", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2013-4934", }, { cve: "CVE-2013-4935", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4935", }, ], notes: [ { category: "general", text: "The dissect_per_length_determinant function in epan/dissectors/packet-per.c in the ASN.1 PER dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not initialize a length field in certain abnormal situations, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4935", url: "https://www.suse.com/security/cve/CVE-2013-4935", }, { category: "external", summary: "SUSE Bug 831718 for CVE-2013-4935", url: "https://bugzilla.suse.com/831718", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2013-4935", }, { cve: "CVE-2013-4936", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-4936", }, ], notes: [ { category: "general", text: "The IsDFP_Frame function in plugins/profinet/packet-pn-rt.c in the PROFINET Real-Time dissector in Wireshark 1.10.x before 1.10.1 does not validate MAC addresses, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-4936", url: "https://www.suse.com/security/cve/CVE-2013-4936", }, { category: "external", summary: "SUSE Bug 831718 for CVE-2013-4936", url: "https://bugzilla.suse.com/831718", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2013-4936", }, { cve: "CVE-2013-5717", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-5717", }, ], notes: [ { category: "general", text: "The Bluetooth HCI ACL dissector in Wireshark 1.10.x before 1.10.2 does not properly maintain a certain free list, which allows remote attackers to cause a denial of service (application crash) via a crafted packet that is not properly handled by the wmem_block_alloc function in epan/wmem/wmem_allocator_block.c.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-5717", url: "https://www.suse.com/security/cve/CVE-2013-5717", }, { category: "external", summary: "SUSE Bug 839607 for CVE-2013-5717", url: "https://bugzilla.suse.com/839607", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2013-5717", }, { cve: "CVE-2013-5718", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-5718", }, ], notes: [ { category: "general", text: "The dissect_nbap_T_dCH_ID function in epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 does not restrict the dch_id value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-5718", url: "https://www.suse.com/security/cve/CVE-2013-5718", }, { category: "external", summary: "SUSE Bug 839607 for CVE-2013-5718", url: "https://bugzilla.suse.com/839607", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2013-5718", }, { cve: "CVE-2013-5719", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-5719", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-assa_r3.c in the ASSA R3 dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-5719", url: "https://www.suse.com/security/cve/CVE-2013-5719", }, { category: "external", summary: "SUSE Bug 839607 for CVE-2013-5719", url: "https://bugzilla.suse.com/839607", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2013-5719", }, { cve: "CVE-2013-5720", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-5720", }, ], notes: [ { category: "general", text: "Buffer overflow in the RTPS dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-5720", url: "https://www.suse.com/security/cve/CVE-2013-5720", }, { category: "external", summary: "SUSE Bug 839607 for CVE-2013-5720", url: "https://bugzilla.suse.com/839607", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2013-5720", }, { cve: "CVE-2013-5721", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-5721", }, ], notes: [ { category: "general", text: "The dissect_mq_rr function in epan/dissectors/packet-mq.c in the MQ dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 does not properly determine when to enter a certain loop, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-5721", url: "https://www.suse.com/security/cve/CVE-2013-5721", }, { category: "external", summary: "SUSE Bug 839607 for CVE-2013-5721", url: "https://bugzilla.suse.com/839607", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2013-5721", }, { cve: "CVE-2013-5722", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-5722", }, ], notes: [ { category: "general", text: "Unspecified vulnerability in the LDAP dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-5722", url: "https://www.suse.com/security/cve/CVE-2013-5722", }, { category: "external", summary: "SUSE Bug 839607 for CVE-2013-5722", url: "https://bugzilla.suse.com/839607", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2013-5722", }, { cve: "CVE-2013-6336", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-6336", }, ], notes: [ { category: "general", text: "The ieee802154_map_rec function in epan/dissectors/packet-ieee802154.c in the IEEE 802.15.4 dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 uses an incorrect pointer chain, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-6336", url: "https://www.suse.com/security/cve/CVE-2013-6336", }, { category: "external", summary: "SUSE Bug 848738 for CVE-2013-6336", url: "https://bugzilla.suse.com/848738", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2013-6336", }, { cve: "CVE-2013-6337", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-6337", }, ], notes: [ { category: "general", text: "Unspecified vulnerability in the NBAP dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-6337", url: "https://www.suse.com/security/cve/CVE-2013-6337", }, { category: "external", summary: "SUSE Bug 848738 for CVE-2013-6337", url: "https://bugzilla.suse.com/848738", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2013-6337", }, { cve: "CVE-2013-6338", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-6338", }, ], notes: [ { category: "general", text: "The dissect_sip_common function in epan/dissectors/packet-sip.c in the SIP dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-6338", url: "https://www.suse.com/security/cve/CVE-2013-6338", }, { category: "external", summary: "SUSE Bug 848738 for CVE-2013-6338", url: "https://bugzilla.suse.com/848738", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2013-6338", }, { cve: "CVE-2013-6339", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-6339", }, ], notes: [ { category: "general", text: "The dissect_openwire_type function in epan/dissectors/packet-openwire.c in the OpenWire dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 allows remote attackers to cause a denial of service (loop) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-6339", url: "https://www.suse.com/security/cve/CVE-2013-6339", }, { category: "external", summary: "SUSE Bug 848738 for CVE-2013-6339", url: "https://bugzilla.suse.com/848738", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2013-6339", }, { cve: "CVE-2013-6340", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-6340", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-tcp.c in the TCP dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 does not properly determine the amount of remaining data, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-6340", url: "https://www.suse.com/security/cve/CVE-2013-6340", }, { category: "external", summary: "SUSE Bug 848738 for CVE-2013-6340", url: "https://bugzilla.suse.com/848738", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2013-6340", }, { cve: "CVE-2013-7112", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-7112", }, ], notes: [ { category: "general", text: "The dissect_sip_common function in epan/dissectors/packet-sip.c in the SIP dissector in Wireshark 1.8.x before 1.8.12 and 1.10.x before 1.10.4 does not check for empty lines, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-7112", url: "https://www.suse.com/security/cve/CVE-2013-7112", }, { category: "external", summary: "SUSE Bug 856498 for CVE-2013-7112", url: "https://bugzilla.suse.com/856498", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2013-7112", }, { cve: "CVE-2013-7113", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-7113", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-bssgp.c in the BSSGP dissector in Wireshark 1.10.x before 1.10.4 incorrectly relies on a global variable, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-7113", url: "https://www.suse.com/security/cve/CVE-2013-7113", }, { category: "external", summary: "SUSE Bug 856495 for CVE-2013-7113", url: "https://bugzilla.suse.com/856495", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2013-7113", }, { cve: "CVE-2013-7114", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2013-7114", }, ], notes: [ { category: "general", text: "Multiple buffer overflows in the create_ntlmssp_v2_key function in epan/dissectors/packet-ntlmssp.c in the NTLMSSP v2 dissector in Wireshark 1.8.x before 1.8.12 and 1.10.x before 1.10.4 allow remote attackers to cause a denial of service (application crash) via a long domain name in a packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2013-7114", url: "https://www.suse.com/security/cve/CVE-2013-7114", }, { category: "external", summary: "SUSE Bug 856496 for CVE-2013-7114", url: "https://bugzilla.suse.com/856496", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2013-7114", }, { cve: "CVE-2014-2281", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-2281", }, ], notes: [ { category: "general", text: "The nfs_name_snoop_add_name function in epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 does not validate a certain length value, which allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted NFS packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-2281", url: "https://www.suse.com/security/cve/CVE-2014-2281", }, { category: "external", summary: "SUSE Bug 867485 for CVE-2014-2281", url: "https://bugzilla.suse.com/867485", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2014-2281", }, { cve: "CVE-2014-2282", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-2282", }, ], notes: [ { category: "general", text: "The dissect_protocol_data_parameter function in epan/dissectors/packet-m3ua.c in the M3UA dissector in Wireshark 1.10.x before 1.10.6 does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) via a crafted SS7 MTP3 packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-2282", url: "https://www.suse.com/security/cve/CVE-2014-2282", }, { category: "external", summary: "SUSE Bug 867485 for CVE-2014-2282", url: "https://bugzilla.suse.com/867485", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2014-2282", }, { cve: "CVE-2014-2283", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-2283", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-rlc in the RLC dissector in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 uses inconsistent memory-management approaches, which allows remote attackers to cause a denial of service (use-after-free error and application crash) via a crafted UMTS Radio Link Control packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-2283", url: "https://www.suse.com/security/cve/CVE-2014-2283", }, { category: "external", summary: "SUSE Bug 867485 for CVE-2014-2283", url: "https://bugzilla.suse.com/867485", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2014-2283", }, { cve: "CVE-2014-2299", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-2299", }, ], notes: [ { category: "general", text: "Buffer overflow in the mpeg_read function in wiretap/mpeg.c in the MPEG parser in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a large record in MPEG data.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-2299", url: "https://www.suse.com/security/cve/CVE-2014-2299", }, { category: "external", summary: "SUSE Bug 867485 for CVE-2014-2299", url: "https://bugzilla.suse.com/867485", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "critical", }, ], title: "CVE-2014-2299", }, { cve: "CVE-2014-2907", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-2907", }, ], notes: [ { category: "general", text: "The srtp_add_address function in epan/dissectors/packet-rtp.c in the RTP dissector in Wireshark 1.10.x before 1.10.7 does not properly update SRTP conversation data, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-2907", url: "https://www.suse.com/security/cve/CVE-2014-2907", }, { category: "external", summary: "SUSE Bug 874693 for CVE-2014-2907", url: "https://bugzilla.suse.com/874693", }, { category: "external", summary: "SUSE Bug 874760 for CVE-2014-2907", url: "https://bugzilla.suse.com/874760", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2014-2907", }, { cve: "CVE-2014-4020", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-4020", }, ], notes: [ { category: "general", text: "The dissect_frame function in epan/dissectors/packet-frame.c in the frame metadissector in Wireshark 1.10.x before 1.10.8 interprets a negative integer as a length value even though it was intended to represent an error condition, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-4020", url: "https://www.suse.com/security/cve/CVE-2014-4020", }, { category: "external", summary: "SUSE Bug 882602 for CVE-2014-4020", url: "https://bugzilla.suse.com/882602", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2014-4020", }, { cve: "CVE-2014-5161", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-5161", }, ], notes: [ { category: "general", text: "The dissect_log function in plugins/irda/packet-irda.c in the IrDA dissector in Wireshark 1.10.x before 1.10.9 does not properly strip '\\n' characters, which allows remote attackers to cause a denial of service (buffer underflow and application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-5161", url: "https://www.suse.com/security/cve/CVE-2014-5161", }, { category: "external", summary: "SUSE Bug 889854 for CVE-2014-5161", url: "https://bugzilla.suse.com/889854", }, { category: "external", summary: "SUSE Bug 889901 for CVE-2014-5161", url: "https://bugzilla.suse.com/889901", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2014-5161", }, { cve: "CVE-2014-5162", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-5162", }, ], notes: [ { category: "general", text: "The read_new_line function in wiretap/catapult_dct2000.c in the Catapult DCT2000 dissector in Wireshark 1.10.x before 1.10.9 does not properly strip '\\n' and '\\r' characters, which allows remote attackers to cause a denial of service (off-by-one buffer underflow and application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-5162", url: "https://www.suse.com/security/cve/CVE-2014-5162", }, { category: "external", summary: "SUSE Bug 889854 for CVE-2014-5162", url: "https://bugzilla.suse.com/889854", }, { category: "external", summary: "SUSE Bug 889901 for CVE-2014-5162", url: "https://bugzilla.suse.com/889901", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2014-5162", }, { cve: "CVE-2014-5163", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-5163", }, ], notes: [ { category: "general", text: "The APN decode functionality in (1) epan/dissectors/packet-gtp.c and (2) epan/dissectors/packet-gsm_a_gm.c in the GTP and GSM Management dissectors in Wireshark 1.10.x before 1.10.9 does not completely initialize a certain buffer, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-5163", url: "https://www.suse.com/security/cve/CVE-2014-5163", }, { category: "external", summary: "SUSE Bug 889854 for CVE-2014-5163", url: "https://bugzilla.suse.com/889854", }, { category: "external", summary: "SUSE Bug 889906 for CVE-2014-5163", url: "https://bugzilla.suse.com/889906", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2014-5163", }, { cve: "CVE-2014-5164", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-5164", }, ], notes: [ { category: "general", text: "The rlc_decode_li function in epan/dissectors/packet-rlc.c in the RLC dissector in Wireshark 1.10.x before 1.10.9 initializes a certain structure member only after this member is used, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-5164", url: "https://www.suse.com/security/cve/CVE-2014-5164", }, { category: "external", summary: "SUSE Bug 889854 for CVE-2014-5164", url: "https://bugzilla.suse.com/889854", }, { category: "external", summary: "SUSE Bug 889900 for CVE-2014-5164", url: "https://bugzilla.suse.com/889900", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2014-5164", }, { cve: "CVE-2014-5165", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-5165", }, ], notes: [ { category: "general", text: "The dissect_ber_constrained_bitstring function in epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.10.x before 1.10.9 does not properly validate padding values, which allows remote attackers to cause a denial of service (buffer underflow and application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-5165", url: "https://www.suse.com/security/cve/CVE-2014-5165", }, { category: "external", summary: "SUSE Bug 889854 for CVE-2014-5165", url: "https://bugzilla.suse.com/889854", }, { category: "external", summary: "SUSE Bug 889899 for CVE-2014-5165", url: "https://bugzilla.suse.com/889899", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2014-5165", }, { cve: "CVE-2014-6423", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-6423", }, ], notes: [ { category: "general", text: "The tvb_raw_text_add function in epan/dissectors/packet-megaco.c in the MEGACO dissector in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 allows remote attackers to cause a denial of service (infinite loop) via an empty line.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-6423", url: "https://www.suse.com/security/cve/CVE-2014-6423", }, { category: "external", summary: "SUSE Bug 897055 for CVE-2014-6423", url: "https://bugzilla.suse.com/897055", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2014-6423", }, { cve: "CVE-2014-6424", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-6424", }, ], notes: [ { category: "general", text: "The dissect_v9_v10_pdu_data function in epan/dissectors/packet-netflow.c in the Netflow dissector in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 refers to incorrect offset and start variables, which allows remote attackers to cause a denial of service (uninitialized memory read and application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-6424", url: "https://www.suse.com/security/cve/CVE-2014-6424", }, { category: "external", summary: "SUSE Bug 897055 for CVE-2014-6424", url: "https://bugzilla.suse.com/897055", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2014-6424", }, { cve: "CVE-2014-6425", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-6425", }, ], notes: [ { category: "general", text: "The (1) get_quoted_string and (2) get_unquoted_string functions in epan/dissectors/packet-cups.c in the CUPS dissector in Wireshark 1.12.x before 1.12.1 allow remote attackers to cause a denial of service (buffer over-read and application crash) via a CUPS packet that lacks a trailing '\\0' character.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-6425", url: "https://www.suse.com/security/cve/CVE-2014-6425", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2014-6425", }, { cve: "CVE-2014-6426", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-6426", }, ], notes: [ { category: "general", text: "The dissect_hip_tlv function in epan/dissectors/packet-hip.c in the HIP dissector in Wireshark 1.12.x before 1.12.1 does not properly handle a NULL tree, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-6426", url: "https://www.suse.com/security/cve/CVE-2014-6426", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2014-6426", }, { cve: "CVE-2014-6427", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-6427", }, ], notes: [ { category: "general", text: "Off-by-one error in the is_rtsp_request_or_reply function in epan/dissectors/packet-rtsp.c in the RTSP dissector in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 allows remote attackers to cause a denial of service (application crash) via a crafted packet that triggers parsing of a token located one position beyond the current position.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-6427", url: "https://www.suse.com/security/cve/CVE-2014-6427", }, { category: "external", summary: "SUSE Bug 897055 for CVE-2014-6427", url: "https://bugzilla.suse.com/897055", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2014-6427", }, { cve: "CVE-2014-6428", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-6428", }, ], notes: [ { category: "general", text: "The dissect_spdu function in epan/dissectors/packet-ses.c in the SES dissector in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 does not initialize a certain ID value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-6428", url: "https://www.suse.com/security/cve/CVE-2014-6428", }, { category: "external", summary: "SUSE Bug 897055 for CVE-2014-6428", url: "https://bugzilla.suse.com/897055", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2014-6428", }, { cve: "CVE-2014-6429", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-6429", }, ], notes: [ { category: "general", text: "The SnifferDecompress function in wiretap/ngsniffer.c in the DOS Sniffer file parser in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 does not properly handle empty input data, which allows remote attackers to cause a denial of service (application crash) via a crafted file.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-6429", url: "https://www.suse.com/security/cve/CVE-2014-6429", }, { category: "external", summary: "SUSE Bug 897055 for CVE-2014-6429", url: "https://bugzilla.suse.com/897055", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2014-6429", }, { cve: "CVE-2014-6430", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-6430", }, ], notes: [ { category: "general", text: "The SnifferDecompress function in wiretap/ngsniffer.c in the DOS Sniffer file parser in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 does not validate bitmask data, which allows remote attackers to cause a denial of service (application crash) via a crafted file.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-6430", url: "https://www.suse.com/security/cve/CVE-2014-6430", }, { category: "external", summary: "SUSE Bug 897055 for CVE-2014-6430", url: "https://bugzilla.suse.com/897055", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2014-6430", }, { cve: "CVE-2014-6431", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-6431", }, ], notes: [ { category: "general", text: "Buffer overflow in the SnifferDecompress function in wiretap/ngsniffer.c in the DOS Sniffer file parser in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 allows remote attackers to cause a denial of service (application crash) via a crafted file that triggers writes of uncompressed bytes beyond the end of the output buffer.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-6431", url: "https://www.suse.com/security/cve/CVE-2014-6431", }, { category: "external", summary: "SUSE Bug 897055 for CVE-2014-6431", url: "https://bugzilla.suse.com/897055", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2014-6431", }, { cve: "CVE-2014-6432", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-6432", }, ], notes: [ { category: "general", text: "The SnifferDecompress function in wiretap/ngsniffer.c in the DOS Sniffer file parser in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 does not prevent data overwrites during copy operations, which allows remote attackers to cause a denial of service (application crash) via a crafted file.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-6432", url: "https://www.suse.com/security/cve/CVE-2014-6432", }, { category: "external", summary: "SUSE Bug 897055 for CVE-2014-6432", url: "https://bugzilla.suse.com/897055", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2014-6432", }, { cve: "CVE-2014-8710", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-8710", }, ], notes: [ { category: "general", text: "The decompress_sigcomp_message function in epan/sigcomp-udvm.c in the SigComp UDVM dissector in Wireshark 1.10.x before 1.10.11 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-8710", url: "https://www.suse.com/security/cve/CVE-2014-8710", }, { category: "external", summary: "SUSE Bug 905246 for CVE-2014-8710", url: "https://bugzilla.suse.com/905246", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2014-8710", }, { cve: "CVE-2014-8711", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-8711", }, ], notes: [ { category: "general", text: "Multiple integer overflows in epan/dissectors/packet-amqp.c in the AMQP dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 allow remote attackers to cause a denial of service (application crash) via a crafted amqp_0_10 PDU in a packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-8711", url: "https://www.suse.com/security/cve/CVE-2014-8711", }, { category: "external", summary: "SUSE Bug 905245 for CVE-2014-8711", url: "https://bugzilla.suse.com/905245", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2014-8711", }, { cve: "CVE-2014-8712", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-8712", }, ], notes: [ { category: "general", text: "The build_expert_data function in epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-8712", url: "https://www.suse.com/security/cve/CVE-2014-8712", }, { category: "external", summary: "SUSE Bug 905248 for CVE-2014-8712", url: "https://bugzilla.suse.com/905248", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2014-8712", }, { cve: "CVE-2014-8713", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-8713", }, ], notes: [ { category: "general", text: "Stack-based buffer overflow in the build_expert_data function in epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-8713", url: "https://www.suse.com/security/cve/CVE-2014-8713", }, { category: "external", summary: "SUSE Bug 905248 for CVE-2014-8713", url: "https://bugzilla.suse.com/905248", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2014-8713", }, { cve: "CVE-2014-8714", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2014-8714", }, ], notes: [ { category: "general", text: "The dissect_write_structured_field function in epan/dissectors/packet-tn5250.c in the TN5250 dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2014-8714", url: "https://www.suse.com/security/cve/CVE-2014-8714", }, { category: "external", summary: "SUSE Bug 905247 for CVE-2014-8714", url: "https://bugzilla.suse.com/905247", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2014-8714", }, { cve: "CVE-2015-0559", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-0559", }, ], notes: [ { category: "general", text: "Multiple use-after-free vulnerabilities in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 allow remote attackers to cause a denial of service (application crash) via a crafted packet, related to the use of packet-scope memory instead of pinfo-scope memory.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-0559", url: "https://www.suse.com/security/cve/CVE-2015-0559", }, { category: "external", summary: "SUSE Bug 912365 for CVE-2015-0559", url: "https://bugzilla.suse.com/912365", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2015-0559", }, { cve: "CVE-2015-0560", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-0560", }, ], notes: [ { category: "general", text: "The dissect_wccp2r1_address_table_info function in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 does not initialize certain data structures, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-0560", url: "https://www.suse.com/security/cve/CVE-2015-0560", }, { category: "external", summary: "SUSE Bug 912365 for CVE-2015-0560", url: "https://bugzilla.suse.com/912365", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2015-0560", }, { cve: "CVE-2015-0561", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-0561", }, ], notes: [ { category: "general", text: "asn1/lpp/lpp.cnf in the LPP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 does not validate a certain index value, which allows remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-0561", url: "https://www.suse.com/security/cve/CVE-2015-0561", }, { category: "external", summary: "SUSE Bug 912368 for CVE-2015-0561", url: "https://bugzilla.suse.com/912368", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2015-0561", }, { cve: "CVE-2015-0562", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-0562", }, ], notes: [ { category: "general", text: "Multiple use-after-free vulnerabilities in epan/dissectors/packet-dec-dnart.c in the DEC DNA Routing Protocol dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 allow remote attackers to cause a denial of service (application crash) via a crafted packet, related to the use of packet-scope memory instead of pinfo-scope memory.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-0562", url: "https://www.suse.com/security/cve/CVE-2015-0562", }, { category: "external", summary: "SUSE Bug 912369 for CVE-2015-0562", url: "https://bugzilla.suse.com/912369", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2015-0562", }, { cve: "CVE-2015-0563", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-0563", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-smtp.c in the SMTP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 uses an incorrect length value for certain string-append operations, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-0563", url: "https://www.suse.com/security/cve/CVE-2015-0563", }, { category: "external", summary: "SUSE Bug 912370 for CVE-2015-0563", url: "https://bugzilla.suse.com/912370", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2015-0563", }, { cve: "CVE-2015-0564", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-0564", }, ], notes: [ { category: "general", text: "Buffer underflow in the ssl_decrypt_record function in epan/dissectors/packet-ssl-utils.c in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 allows remote attackers to cause a denial of service (application crash) via a crafted packet that is improperly handled during decryption of an SSL session.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-0564", url: "https://www.suse.com/security/cve/CVE-2015-0564", }, { category: "external", summary: "SUSE Bug 912372 for CVE-2015-0564", url: "https://bugzilla.suse.com/912372", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2015-0564", }, { cve: "CVE-2015-2187", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-2187", }, ], notes: [ { category: "general", text: "The dissect_atn_cpdlc_heur function in asn1/atn-cpdlc/packet-atn-cpdlc-template.c in the ATN-CPDLC dissector in Wireshark 1.12.x before 1.12.4 does not properly follow the TRY/ENDTRY code requirements, which allows remote attackers to cause a denial of service (stack memory corruption and application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-2187", url: "https://www.suse.com/security/cve/CVE-2015-2187", }, { category: "external", summary: "SUSE Bug 920695 for CVE-2015-2187", url: "https://bugzilla.suse.com/920695", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2015-2187", }, { cve: "CVE-2015-2188", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-2188", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet that is improperly handled during decompression.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-2188", url: "https://www.suse.com/security/cve/CVE-2015-2188", }, { category: "external", summary: "SUSE Bug 920696 for CVE-2015-2188", url: "https://bugzilla.suse.com/920696", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2015-2188", }, { cve: "CVE-2015-2189", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-2189", }, ], notes: [ { category: "general", text: "Off-by-one error in the pcapng_read function in wiretap/pcapng.c in the pcapng file parser in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via an invalid Interface Statistics Block (ISB) interface ID in a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-2189", url: "https://www.suse.com/security/cve/CVE-2015-2189", }, { category: "external", summary: "SUSE Bug 920697 for CVE-2015-2189", url: "https://bugzilla.suse.com/920697", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2015-2189", }, { cve: "CVE-2015-2190", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-2190", }, ], notes: [ { category: "general", text: "epan/proto.c in Wireshark 1.12.x before 1.12.4 does not properly handle integer data types greater than 32 bits in size, which allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted packet that is improperly handled by the LLDP dissector.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-2190", url: "https://www.suse.com/security/cve/CVE-2015-2190", }, { category: "external", summary: "SUSE Bug 920698 for CVE-2015-2190", url: "https://bugzilla.suse.com/920698", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2015-2190", }, { cve: "CVE-2015-2191", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-2191", }, ], notes: [ { category: "general", text: "Integer overflow in the dissect_tnef function in epan/dissectors/packet-tnef.c in the TNEF dissector in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted length field in a packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-2191", url: "https://www.suse.com/security/cve/CVE-2015-2191", }, { category: "external", summary: "SUSE Bug 920699 for CVE-2015-2191", url: "https://bugzilla.suse.com/920699", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2015-2191", }, { cve: "CVE-2015-2192", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-2192", }, ], notes: [ { category: "general", text: "Integer overflow in the dissect_osd2_cdb_continuation function in epan/dissectors/packet-scsi-osd.c in the SCSI OSD dissector in Wireshark 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted length field in a packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-2192", url: "https://www.suse.com/security/cve/CVE-2015-2192", }, { category: "external", summary: "SUSE Bug 920700 for CVE-2015-2192", url: "https://bugzilla.suse.com/920700", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2015-2192", }, { cve: "CVE-2015-3808", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-3808", }, ], notes: [ { category: "general", text: "The dissect_lbmr_pser function in epan/dissectors/packet-lbmr.c in the LBMR dissector in Wireshark 1.12.x before 1.12.5 does not reject a zero length, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-3808", url: "https://www.suse.com/security/cve/CVE-2015-3808", }, { category: "external", summary: "SUSE Bug 930689 for CVE-2015-3808", url: "https://bugzilla.suse.com/930689", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2015-3808", }, { cve: "CVE-2015-3809", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-3809", }, ], notes: [ { category: "general", text: "The dissect_lbmr_pser function in epan/dissectors/packet-lbmr.c in the LBMR dissector in Wireshark 1.12.x before 1.12.5 does not properly track the current offset, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-3809", url: "https://www.suse.com/security/cve/CVE-2015-3809", }, { category: "external", summary: "SUSE Bug 930689 for CVE-2015-3809", url: "https://bugzilla.suse.com/930689", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2015-3809", }, { cve: "CVE-2015-3810", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-3810", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-websocket.c in the WebSocket dissector in Wireshark 1.12.x before 1.12.5 uses a recursive algorithm, which allows remote attackers to cause a denial of service (CPU consumption) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-3810", url: "https://www.suse.com/security/cve/CVE-2015-3810", }, { category: "external", summary: "SUSE Bug 930689 for CVE-2015-3810", url: "https://bugzilla.suse.com/930689", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2015-3810", }, { cve: "CVE-2015-3811", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-3811", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 improperly refers to previously processed bytes, which allows remote attackers to cause a denial of service (application crash) via a crafted packet, a different vulnerability than CVE-2015-2188.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-3811", url: "https://www.suse.com/security/cve/CVE-2015-3811", }, { category: "external", summary: "SUSE Bug 930689 for CVE-2015-3811", url: "https://bugzilla.suse.com/930689", }, { category: "external", summary: "SUSE Bug 930691 for CVE-2015-3811", url: "https://bugzilla.suse.com/930691", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2015-3811", }, { cve: "CVE-2015-3812", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-3812", }, ], notes: [ { category: "general", text: "Multiple memory leaks in the x11_init_protocol function in epan/dissectors/packet-x11.c in the X11 dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 allow remote attackers to cause a denial of service (memory consumption) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-3812", url: "https://www.suse.com/security/cve/CVE-2015-3812", }, { category: "external", summary: "SUSE Bug 930689 for CVE-2015-3812", url: "https://bugzilla.suse.com/930689", }, { category: "external", summary: "SUSE Bug 930691 for CVE-2015-3812", url: "https://bugzilla.suse.com/930691", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2015-3812", }, { cve: "CVE-2015-3813", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-3813", }, ], notes: [ { category: "general", text: "The fragment_add_work function in epan/reassemble.c in the packet-reassembly feature in Wireshark 1.12.x before 1.12.5 does not properly determine the defragmentation state in a case of an insufficient snapshot length, which allows remote attackers to cause a denial of service (memory consumption) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-3813", url: "https://www.suse.com/security/cve/CVE-2015-3813", }, { category: "external", summary: "SUSE Bug 930689 for CVE-2015-3813", url: "https://bugzilla.suse.com/930689", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2015-3813", }, { cve: "CVE-2015-3814", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-3814", }, ], notes: [ { category: "general", text: "The (1) dissect_tfs_request and (2) dissect_tfs_response functions in epan/dissectors/packet-ieee80211.c in the IEEE 802.11 dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 interpret a zero value as a length rather than an error condition, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-3814", url: "https://www.suse.com/security/cve/CVE-2015-3814", }, { category: "external", summary: "SUSE Bug 930689 for CVE-2015-3814", url: "https://bugzilla.suse.com/930689", }, { category: "external", summary: "SUSE Bug 930691 for CVE-2015-3814", url: "https://bugzilla.suse.com/930691", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2015-3814", }, { cve: "CVE-2015-3815", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-3815", }, ], notes: [ { category: "general", text: "The detect_version function in wiretap/logcat.c in the Android Logcat file parser in Wireshark 1.12.x before 1.12.5 does not check the length of the payload, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a packet with a crafted payload, as demonstrated by a length of zero, a different vulnerability than CVE-2015-3906.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-3815", url: "https://www.suse.com/security/cve/CVE-2015-3815", }, { category: "external", summary: "SUSE Bug 930689 for CVE-2015-3815", url: "https://bugzilla.suse.com/930689", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2015-3815", }, { cve: "CVE-2015-4651", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-4651", }, ], notes: [ { category: "general", text: "The dissect_wccp2r1_address_table_info function in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.12.x before 1.12.6 does not properly determine whether enough memory is available for storing IP address strings, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-4651", url: "https://www.suse.com/security/cve/CVE-2015-4651", }, { category: "external", summary: "SUSE Bug 935157 for CVE-2015-4651", url: "https://bugzilla.suse.com/935157", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2015-4651", }, { cve: "CVE-2015-4652", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-4652", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-gsm_a_dtap.c in the GSM DTAP dissector in Wireshark 1.12.x before 1.12.6 does not properly validate digit characters, which allows remote attackers to cause a denial of service (application crash) via a crafted packet, related to the de_emerg_num_list and de_bcd_num functions.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-4652", url: "https://www.suse.com/security/cve/CVE-2015-4652", }, { category: "external", summary: "SUSE Bug 935158 for CVE-2015-4652", url: "https://bugzilla.suse.com/935158", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2015-4652", }, { cve: "CVE-2015-6241", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-6241", }, ], notes: [ { category: "general", text: "The proto_tree_add_bytes_item function in epan/proto.c in the protocol-tree implementation in Wireshark 1.12.x before 1.12.7 does not properly terminate a data structure after a failure to locate a number within a string, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-6241", url: "https://www.suse.com/security/cve/CVE-2015-6241", }, { category: "external", summary: "SUSE Bug 941500 for CVE-2015-6241", url: "https://bugzilla.suse.com/941500", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2015-6241", }, { cve: "CVE-2015-6242", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-6242", }, ], notes: [ { category: "general", text: "The wmem_block_split_free_chunk function in epan/wmem/wmem_allocator_block.c in the wmem block allocator in the memory manager in Wireshark 1.12.x before 1.12.7 does not properly consider a certain case of multiple realloc operations that restore a memory chunk to its original size, which allows remote attackers to cause a denial of service (incorrect free operation and application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-6242", url: "https://www.suse.com/security/cve/CVE-2015-6242", }, { category: "external", summary: "SUSE Bug 941500 for CVE-2015-6242", url: "https://bugzilla.suse.com/941500", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2015-6242", }, { cve: "CVE-2015-6243", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-6243", }, ], notes: [ { category: "general", text: "The dissector-table implementation in epan/packet.c in Wireshark 1.12.x before 1.12.7 mishandles table searches for empty strings, which allows remote attackers to cause a denial of service (application crash) via a crafted packet, related to the (1) dissector_get_string_handle and (2) dissector_get_default_string_handle functions.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-6243", url: "https://www.suse.com/security/cve/CVE-2015-6243", }, { category: "external", summary: "SUSE Bug 941500 for CVE-2015-6243", url: "https://bugzilla.suse.com/941500", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2015-6243", }, { cve: "CVE-2015-6244", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-6244", }, ], notes: [ { category: "general", text: "The dissect_zbee_secure function in epan/dissectors/packet-zbee-security.c in the ZigBee dissector in Wireshark 1.12.x before 1.12.7 improperly relies on length fields contained in packet data, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-6244", url: "https://www.suse.com/security/cve/CVE-2015-6244", }, { category: "external", summary: "SUSE Bug 941500 for CVE-2015-6244", url: "https://bugzilla.suse.com/941500", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2015-6244", }, { cve: "CVE-2015-6245", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-6245", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-gsm_rlcmac.c in the GSM RLC/MAC dissector in Wireshark 1.12.x before 1.12.7 uses incorrect integer data types, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-6245", url: "https://www.suse.com/security/cve/CVE-2015-6245", }, { category: "external", summary: "SUSE Bug 941500 for CVE-2015-6245", url: "https://bugzilla.suse.com/941500", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2015-6245", }, { cve: "CVE-2015-6246", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-6246", }, ], notes: [ { category: "general", text: "The dissect_wa_payload function in epan/dissectors/packet-waveagent.c in the WaveAgent dissector in Wireshark 1.12.x before 1.12.7 mishandles large tag values, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-6246", url: "https://www.suse.com/security/cve/CVE-2015-6246", }, { category: "external", summary: "SUSE Bug 941500 for CVE-2015-6246", url: "https://bugzilla.suse.com/941500", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2015-6246", }, { cve: "CVE-2015-6247", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-6247", }, ], notes: [ { category: "general", text: "The dissect_openflow_tablemod_v5 function in epan/dissectors/packet-openflow_v5.c in the OpenFlow dissector in Wireshark 1.12.x before 1.12.7 does not validate a certain offset value, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-6247", url: "https://www.suse.com/security/cve/CVE-2015-6247", }, { category: "external", summary: "SUSE Bug 941500 for CVE-2015-6247", url: "https://bugzilla.suse.com/941500", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2015-6247", }, { cve: "CVE-2015-6248", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-6248", }, ], notes: [ { category: "general", text: "The ptvcursor_add function in the ptvcursor implementation in epan/proto.c in Wireshark 1.12.x before 1.12.7 does not check whether the expected amount of data is available, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-6248", url: "https://www.suse.com/security/cve/CVE-2015-6248", }, { category: "external", summary: "SUSE Bug 941500 for CVE-2015-6248", url: "https://bugzilla.suse.com/941500", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2015-6248", }, { cve: "CVE-2015-6249", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-6249", }, ], notes: [ { category: "general", text: "The dissect_wccp2r1_address_table_info function in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.12.x before 1.12.7 does not prevent the conflicting use of a table for both IPv4 and IPv6 addresses, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-6249", url: "https://www.suse.com/security/cve/CVE-2015-6249", }, { category: "external", summary: "SUSE Bug 941500 for CVE-2015-6249", url: "https://bugzilla.suse.com/941500", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2015-6249", }, { cve: "CVE-2015-7830", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-7830", }, ], notes: [ { category: "general", text: "The pcapng_read_if_descr_block function in wiretap/pcapng.c in the pcapng parser in Wireshark 1.12.x before 1.12.8 uses too many levels of pointer indirection, which allows remote attackers to cause a denial of service (incorrect free and application crash) via a crafted packet that triggers interface-filter copying.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-7830", url: "https://www.suse.com/security/cve/CVE-2015-7830", }, { category: "external", summary: "SUSE Bug 950437 for CVE-2015-7830", url: "https://bugzilla.suse.com/950437", }, { category: "external", summary: "SUSE Bug 960382 for CVE-2015-7830", url: "https://bugzilla.suse.com/960382", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2015-7830", }, { cve: "CVE-2015-8711", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-8711", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate conversation data, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-8711", url: "https://www.suse.com/security/cve/CVE-2015-8711", }, { category: "external", summary: "SUSE Bug 960382 for CVE-2015-8711", url: "https://bugzilla.suse.com/960382", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2015-8711", }, { cve: "CVE-2015-8718", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-8718", }, ], notes: [ { category: "general", text: "Double free vulnerability in epan/dissectors/packet-nlm.c in the NLM dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1, when the \"Match MSG/RES packets for async NLM\" option is enabled, allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-8718", url: "https://www.suse.com/security/cve/CVE-2015-8718", }, { category: "external", summary: "SUSE Bug 960382 for CVE-2015-8718", url: "https://bugzilla.suse.com/960382", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2015-8718", }, { cve: "CVE-2015-8720", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-8720", }, ], notes: [ { category: "general", text: "The dissect_ber_GeneralizedTime function in epan/dissectors/packet-ber.c in the BER dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 improperly checks an sscanf return value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-8720", url: "https://www.suse.com/security/cve/CVE-2015-8720", }, { category: "external", summary: "SUSE Bug 960382 for CVE-2015-8720", url: "https://bugzilla.suse.com/960382", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2015-8720", }, { cve: "CVE-2015-8721", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-8721", }, ], notes: [ { category: "general", text: "Buffer overflow in the tvb_uncompress function in epan/tvbuff_zlib.c in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 allows remote attackers to cause a denial of service (application crash) via a crafted packet with zlib compression.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-8721", url: "https://www.suse.com/security/cve/CVE-2015-8721", }, { category: "external", summary: "SUSE Bug 960382 for CVE-2015-8721", url: "https://bugzilla.suse.com/960382", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2015-8721", }, { cve: "CVE-2015-8722", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-8722", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-sctp.c in the SCTP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the frame pointer, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-8722", url: "https://www.suse.com/security/cve/CVE-2015-8722", }, { category: "external", summary: "SUSE Bug 960382 for CVE-2015-8722", url: "https://bugzilla.suse.com/960382", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2015-8722", }, { cve: "CVE-2015-8723", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-8723", }, ], notes: [ { category: "general", text: "The AirPDcapPacketProcess function in epan/crypt/airpdcap.c in the 802.11 dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationship between the total length and the capture length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-8723", url: "https://www.suse.com/security/cve/CVE-2015-8723", }, { category: "external", summary: "SUSE Bug 960382 for CVE-2015-8723", url: "https://bugzilla.suse.com/960382", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2015-8723", }, { cve: "CVE-2015-8724", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-8724", }, ], notes: [ { category: "general", text: "The AirPDcapDecryptWPABroadcastKey function in epan/crypt/airpdcap.c in the 802.11 dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not verify the WPA broadcast key length, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-8724", url: "https://www.suse.com/security/cve/CVE-2015-8724", }, { category: "external", summary: "SUSE Bug 960382 for CVE-2015-8724", url: "https://bugzilla.suse.com/960382", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2015-8724", }, { cve: "CVE-2015-8725", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-8725", }, ], notes: [ { category: "general", text: "The dissect_diameter_base_framed_ipv6_prefix function in epan/dissectors/packet-diameter.c in the DIAMETER dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the IPv6 prefix length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-8725", url: "https://www.suse.com/security/cve/CVE-2015-8725", }, { category: "external", summary: "SUSE Bug 960382 for CVE-2015-8725", url: "https://bugzilla.suse.com/960382", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2015-8725", }, { cve: "CVE-2015-8726", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-8726", }, ], notes: [ { category: "general", text: "wiretap/vwr.c in the VeriWave file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate certain signature and Modulation and Coding Scheme (MCS) data, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-8726", url: "https://www.suse.com/security/cve/CVE-2015-8726", }, { category: "external", summary: "SUSE Bug 960382 for CVE-2015-8726", url: "https://bugzilla.suse.com/960382", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2015-8726", }, { cve: "CVE-2015-8727", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-8727", }, ], notes: [ { category: "general", text: "The dissect_rsvp_common function in epan/dissectors/packet-rsvp.c in the RSVP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not properly maintain request-key data, which allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-8727", url: "https://www.suse.com/security/cve/CVE-2015-8727", }, { category: "external", summary: "SUSE Bug 960382 for CVE-2015-8727", url: "https://bugzilla.suse.com/960382", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2015-8727", }, { cve: "CVE-2015-8728", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-8728", }, ], notes: [ { category: "general", text: "The Mobile Identity parser in (1) epan/dissectors/packet-ansi_a.c in the ANSI A dissector and (2) epan/dissectors/packet-gsm_a_common.c in the GSM A dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 improperly uses the tvb_bcd_dig_to_wmem_packet_str function, which allows remote attackers to cause a denial of service (buffer overflow and application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-8728", url: "https://www.suse.com/security/cve/CVE-2015-8728", }, { category: "external", summary: "SUSE Bug 960382 for CVE-2015-8728", url: "https://bugzilla.suse.com/960382", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2015-8728", }, { cve: "CVE-2015-8729", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-8729", }, ], notes: [ { category: "general", text: "The ascend_seek function in wiretap/ascendtext.c in the Ascend file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not ensure the presence of a '\\0' character at the end of a date string, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-8729", url: "https://www.suse.com/security/cve/CVE-2015-8729", }, { category: "external", summary: "SUSE Bug 960382 for CVE-2015-8729", url: "https://bugzilla.suse.com/960382", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2015-8729", }, { cve: "CVE-2015-8730", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-8730", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the number of items, which allows remote attackers to cause a denial of service (invalid read operation and application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-8730", url: "https://www.suse.com/security/cve/CVE-2015-8730", }, { category: "external", summary: "SUSE Bug 960382 for CVE-2015-8730", url: "https://bugzilla.suse.com/960382", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2015-8730", }, { cve: "CVE-2015-8731", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-8731", }, ], notes: [ { category: "general", text: "The dissct_rsl_ipaccess_msg function in epan/dissectors/packet-rsl.c in the RSL dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not reject unknown TLV types, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-8731", url: "https://www.suse.com/security/cve/CVE-2015-8731", }, { category: "external", summary: "SUSE Bug 960382 for CVE-2015-8731", url: "https://bugzilla.suse.com/960382", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2015-8731", }, { cve: "CVE-2015-8732", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-8732", }, ], notes: [ { category: "general", text: "The dissect_zcl_pwr_prof_pwrprofstatersp function in epan/dissectors/packet-zbee-zcl-general.c in the ZigBee ZCL dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the Total Profile Number field, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-8732", url: "https://www.suse.com/security/cve/CVE-2015-8732", }, { category: "external", summary: "SUSE Bug 960382 for CVE-2015-8732", url: "https://bugzilla.suse.com/960382", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2015-8732", }, { cve: "CVE-2015-8733", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-8733", }, ], notes: [ { category: "general", text: "The ngsniffer_process_record function in wiretap/ngsniffer.c in the Sniffer file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationships between record lengths and record header lengths, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-8733", url: "https://www.suse.com/security/cve/CVE-2015-8733", }, { category: "external", summary: "SUSE Bug 960382 for CVE-2015-8733", url: "https://bugzilla.suse.com/960382", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2015-8733", }, { cve: "CVE-2015-8734", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-8734", }, ], notes: [ { category: "general", text: "The dissect_nwp function in epan/dissectors/packet-nwp.c in the NWP dissector in Wireshark 2.0.x before 2.0.1 mishandles the packet type, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-8734", url: "https://www.suse.com/security/cve/CVE-2015-8734", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2015-8734", }, { cve: "CVE-2015-8735", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-8735", }, ], notes: [ { category: "general", text: "The get_value function in epan/dissectors/packet-btatt.c in the Bluetooth Attribute (aka BT ATT) dissector in Wireshark 2.0.x before 2.0.1 uses an incorrect integer data type, which allows remote attackers to cause a denial of service (invalid write operation and application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-8735", url: "https://www.suse.com/security/cve/CVE-2015-8735", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2015-8735", }, { cve: "CVE-2015-8736", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-8736", }, ], notes: [ { category: "general", text: "The mp2t_find_next_pcr function in wiretap/mp2t.c in the MP2T file parser in Wireshark 2.0.x before 2.0.1 does not reserve memory for a trailer, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted file.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-8736", url: "https://www.suse.com/security/cve/CVE-2015-8736", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2015-8736", }, { cve: "CVE-2015-8737", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-8737", }, ], notes: [ { category: "general", text: "The mp2t_open function in wiretap/mp2t.c in the MP2T file parser in Wireshark 2.0.x before 2.0.1 does not validate the bit rate, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted file.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-8737", url: "https://www.suse.com/security/cve/CVE-2015-8737", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2015-8737", }, { cve: "CVE-2015-8738", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-8738", }, ], notes: [ { category: "general", text: "The s7comm_decode_ud_cpu_szl_subfunc function in epan/dissectors/packet-s7comm_szl_ids.c in the S7COMM dissector in Wireshark 2.0.x before 2.0.1 does not validate the list count in an SZL response, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-8738", url: "https://www.suse.com/security/cve/CVE-2015-8738", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2015-8738", }, { cve: "CVE-2015-8739", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-8739", }, ], notes: [ { category: "general", text: "The ipmi_fmt_udpport function in epan/dissectors/packet-ipmi.c in the IPMI dissector in Wireshark 2.0.x before 2.0.1 improperly attempts to access a packet scope, which allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-8739", url: "https://www.suse.com/security/cve/CVE-2015-8739", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2015-8739", }, { cve: "CVE-2015-8740", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-8740", }, ], notes: [ { category: "general", text: "The dissect_tds7_colmetadata_token function in epan/dissectors/packet-tds.c in the TDS dissector in Wireshark 2.0.x before 2.0.1 does not validate the number of columns, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-8740", url: "https://www.suse.com/security/cve/CVE-2015-8740", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2015-8740", }, { cve: "CVE-2015-8741", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-8741", }, ], notes: [ { category: "general", text: "The dissect_ppi function in epan/dissectors/packet-ppi.c in the PPI dissector in Wireshark 2.0.x before 2.0.1 does not initialize a packet-header data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-8741", url: "https://www.suse.com/security/cve/CVE-2015-8741", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2015-8741", }, { cve: "CVE-2015-8742", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2015-8742", }, ], notes: [ { category: "general", text: "The dissect_CPMSetBindings function in epan/dissectors/packet-mswsp.c in the MS-WSP dissector in Wireshark 2.0.x before 2.0.1 does not validate the column size, which allows remote attackers to cause a denial of service (memory consumption or application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2015-8742", url: "https://www.suse.com/security/cve/CVE-2015-8742", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2015-8742", }, { cve: "CVE-2016-2522", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-2522", }, ], notes: [ { category: "general", text: "The dissect_ber_constrained_bitstring function in epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 2.0.x before 2.0.2 does not verify that a certain length is nonzero, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-2522", url: "https://www.suse.com/security/cve/CVE-2016-2522", }, { category: "external", summary: "SUSE Bug 968565 for CVE-2016-2522", url: "https://bugzilla.suse.com/968565", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2016-2522", }, { cve: "CVE-2016-2523", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-2523", }, ], notes: [ { category: "general", text: "The dnp3_al_process_object function in epan/dissectors/packet-dnp.c in the DNP3 dissector in Wireshark 1.12.x before 1.12.10 and 2.0.x before 2.0.2 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-2523", url: "https://www.suse.com/security/cve/CVE-2016-2523", }, { category: "external", summary: "SUSE Bug 968565 for CVE-2016-2523", url: "https://bugzilla.suse.com/968565", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2016-2523", }, { cve: "CVE-2016-2524", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-2524", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-x509af.c in the X.509AF dissector in Wireshark 2.0.x before 2.0.2 mishandles the algorithm ID, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-2524", url: "https://www.suse.com/security/cve/CVE-2016-2524", }, { category: "external", summary: "SUSE Bug 968565 for CVE-2016-2524", url: "https://bugzilla.suse.com/968565", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2016-2524", }, { cve: "CVE-2016-2525", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-2525", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-http2.c in the HTTP/2 dissector in Wireshark 2.0.x before 2.0.2 does not limit the amount of header data, which allows remote attackers to cause a denial of service (memory consumption or application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-2525", url: "https://www.suse.com/security/cve/CVE-2016-2525", }, { category: "external", summary: "SUSE Bug 968565 for CVE-2016-2525", url: "https://bugzilla.suse.com/968565", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2016-2525", }, { cve: "CVE-2016-2526", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-2526", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-hiqnet.c in the HiQnet dissector in Wireshark 2.0.x before 2.0.2 does not validate the data type, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-2526", url: "https://www.suse.com/security/cve/CVE-2016-2526", }, { category: "external", summary: "SUSE Bug 968565 for CVE-2016-2526", url: "https://bugzilla.suse.com/968565", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2016-2526", }, { cve: "CVE-2016-2527", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-2527", }, ], notes: [ { category: "general", text: "wiretap/nettrace_3gpp_32_423.c in the 3GPP TS 32.423 Trace file parser in Wireshark 2.0.x before 2.0.2 does not ensure that a '\\0' character is present at the end of certain strings, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted file.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-2527", url: "https://www.suse.com/security/cve/CVE-2016-2527", }, { category: "external", summary: "SUSE Bug 968565 for CVE-2016-2527", url: "https://bugzilla.suse.com/968565", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2016-2527", }, { cve: "CVE-2016-2528", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-2528", }, ], notes: [ { category: "general", text: "The dissect_nhdr_extopt function in epan/dissectors/packet-lbmc.c in the LBMC dissector in Wireshark 2.0.x before 2.0.2 does not validate length values, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-2528", url: "https://www.suse.com/security/cve/CVE-2016-2528", }, { category: "external", summary: "SUSE Bug 968565 for CVE-2016-2528", url: "https://bugzilla.suse.com/968565", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2016-2528", }, { cve: "CVE-2016-2529", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-2529", }, ], notes: [ { category: "general", text: "The iseries_check_file_type function in wiretap/iseries.c in the iSeries file parser in Wireshark 2.0.x before 2.0.2 does not consider that a line may lack the \"OBJECT PROTOCOL\" substring, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-2529", url: "https://www.suse.com/security/cve/CVE-2016-2529", }, { category: "external", summary: "SUSE Bug 968565 for CVE-2016-2529", url: "https://bugzilla.suse.com/968565", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2016-2529", }, { cve: "CVE-2016-2530", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-2530", }, ], notes: [ { category: "general", text: "The dissct_rsl_ipaccess_msg function in epan/dissectors/packet-rsl.c in the RSL dissector in Wireshark 1.12.x before 1.12.10 and 2.0.x before 2.0.2 mishandles the case of an unrecognized TLV type, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet, a different vulnerability than CVE-2016-2531.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-2530", url: "https://www.suse.com/security/cve/CVE-2016-2530", }, { category: "external", summary: "SUSE Bug 968565 for CVE-2016-2530", url: "https://bugzilla.suse.com/968565", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2016-2530", }, { cve: "CVE-2016-2531", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-2531", }, ], notes: [ { category: "general", text: "Off-by-one error in epan/dissectors/packet-rsl.c in the RSL dissector in Wireshark 1.12.x before 1.12.10 and 2.0.x before 2.0.2 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet that triggers a 0xff tag value, a different vulnerability than CVE-2016-2530.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-2531", url: "https://www.suse.com/security/cve/CVE-2016-2531", }, { category: "external", summary: "SUSE Bug 968565 for CVE-2016-2531", url: "https://bugzilla.suse.com/968565", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2016-2531", }, { cve: "CVE-2016-2532", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-2532", }, ], notes: [ { category: "general", text: "The dissect_llrp_parameters function in epan/dissectors/packet-llrp.c in the LLRP dissector in Wireshark 1.12.x before 1.12.10 and 2.0.x before 2.0.2 does not limit the recursion depth, which allows remote attackers to cause a denial of service (memory consumption or application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-2532", url: "https://www.suse.com/security/cve/CVE-2016-2532", }, { category: "external", summary: "SUSE Bug 968565 for CVE-2016-2532", url: "https://bugzilla.suse.com/968565", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2016-2532", }, { cve: "CVE-2016-5350", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-5350", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-dcerpc-spoolss.c in the SPOOLS component in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles unexpected offsets, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-5350", url: "https://www.suse.com/security/cve/CVE-2016-5350", }, { category: "external", summary: "SUSE Bug 983671 for CVE-2016-5350", url: "https://bugzilla.suse.com/983671", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2016-5350", }, { cve: "CVE-2016-5351", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-5351", }, ], notes: [ { category: "general", text: "epan/crypt/airpdcap.c in the IEEE 802.11 dissector in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles the lack of an EAPOL_RSN_KEY, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-5351", url: "https://www.suse.com/security/cve/CVE-2016-5351", }, { category: "external", summary: "SUSE Bug 983671 for CVE-2016-5351", url: "https://bugzilla.suse.com/983671", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2016-5351", }, { cve: "CVE-2016-5352", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-5352", }, ], notes: [ { category: "general", text: "epan/crypt/airpdcap.c in the IEEE 802.11 dissector in Wireshark 2.x before 2.0.4 mishandles certain length values, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-5352", url: "https://www.suse.com/security/cve/CVE-2016-5352", }, { category: "external", summary: "SUSE Bug 983671 for CVE-2016-5352", url: "https://bugzilla.suse.com/983671", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2016-5352", }, { cve: "CVE-2016-5353", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-5353", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles the reserved C/T value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-5353", url: "https://www.suse.com/security/cve/CVE-2016-5353", }, { category: "external", summary: "SUSE Bug 983671 for CVE-2016-5353", url: "https://bugzilla.suse.com/983671", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2016-5353", }, { cve: "CVE-2016-5354", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-5354", }, ], notes: [ { category: "general", text: "The USB subsystem in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles class types, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-5354", url: "https://www.suse.com/security/cve/CVE-2016-5354", }, { category: "external", summary: "SUSE Bug 983671 for CVE-2016-5354", url: "https://bugzilla.suse.com/983671", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2016-5354", }, { cve: "CVE-2016-5355", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-5355", }, ], notes: [ { category: "general", text: "wiretap/toshiba.c in the Toshiba file parser in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles sscanf unsigned-integer processing, which allows remote attackers to cause a denial of service (application crash) via a crafted file.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-5355", url: "https://www.suse.com/security/cve/CVE-2016-5355", }, { category: "external", summary: "SUSE Bug 983671 for CVE-2016-5355", url: "https://bugzilla.suse.com/983671", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2016-5355", }, { cve: "CVE-2016-5356", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-5356", }, ], notes: [ { category: "general", text: "wiretap/cosine.c in the CoSine file parser in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles sscanf unsigned-integer processing, which allows remote attackers to cause a denial of service (application crash) via a crafted file.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-5356", url: "https://www.suse.com/security/cve/CVE-2016-5356", }, { category: "external", summary: "SUSE Bug 983671 for CVE-2016-5356", url: "https://bugzilla.suse.com/983671", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2016-5356", }, { cve: "CVE-2016-5357", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-5357", }, ], notes: [ { category: "general", text: "wiretap/netscreen.c in the NetScreen file parser in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles sscanf unsigned-integer processing, which allows remote attackers to cause a denial of service (application crash) via a crafted file.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-5357", url: "https://www.suse.com/security/cve/CVE-2016-5357", }, { category: "external", summary: "SUSE Bug 983671 for CVE-2016-5357", url: "https://bugzilla.suse.com/983671", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2016-5357", }, { cve: "CVE-2016-5358", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-5358", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-pktap.c in the Ethernet dissector in Wireshark 2.x before 2.0.4 mishandles the packet-header data type, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-5358", url: "https://www.suse.com/security/cve/CVE-2016-5358", }, { category: "external", summary: "SUSE Bug 983671 for CVE-2016-5358", url: "https://bugzilla.suse.com/983671", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "important", }, ], title: "CVE-2016-5358", }, { cve: "CVE-2016-6505", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-6505", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-packetbb.c in the PacketBB dissector in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-6505", url: "https://www.suse.com/security/cve/CVE-2016-6505", }, { category: "external", summary: "SUSE Bug 991013 for CVE-2016-6505", url: "https://bugzilla.suse.com/991013", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2016-6505", }, { cve: "CVE-2016-6508", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-6508", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-rlc.c in the RLC dissector in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 uses an incorrect integer data type, which allows remote attackers to cause a denial of service (large loop) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-6508", url: "https://www.suse.com/security/cve/CVE-2016-6508", }, { category: "external", summary: "SUSE Bug 991017 for CVE-2016-6508", url: "https://bugzilla.suse.com/991017", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2016-6508", }, { cve: "CVE-2016-6509", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-6509", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-ldss.c in the LDSS dissector in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 mishandles conversations, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-6509", url: "https://www.suse.com/security/cve/CVE-2016-6509", }, { category: "external", summary: "SUSE Bug 991018 for CVE-2016-6509", url: "https://bugzilla.suse.com/991018", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2016-6509", }, { cve: "CVE-2016-6510", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-6510", }, ], notes: [ { category: "general", text: "Off-by-one error in epan/dissectors/packet-rlc.c in the RLC dissector in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-6510", url: "https://www.suse.com/security/cve/CVE-2016-6510", }, { category: "external", summary: "SUSE Bug 991019 for CVE-2016-6510", url: "https://bugzilla.suse.com/991019", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2016-6510", }, { cve: "CVE-2016-6511", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-6511", }, ], notes: [ { category: "general", text: "epan/proto.c in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 allows remote attackers to cause a denial of service (OpenFlow dissector large loop) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-6511", url: "https://www.suse.com/security/cve/CVE-2016-6511", }, { category: "external", summary: "SUSE Bug 991020 for CVE-2016-6511", url: "https://bugzilla.suse.com/991020", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2016-6511", }, { cve: "CVE-2016-6512", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-6512", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-wap.c in Wireshark 2.x before 2.0.5 omits an overflow check in the tvb_get_guintvar function, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet, related to the MMSE, WAP, WBXML, and WSP dissectors.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-6512", url: "https://www.suse.com/security/cve/CVE-2016-6512", }, { category: "external", summary: "SUSE Bug 991021 for CVE-2016-6512", url: "https://bugzilla.suse.com/991021", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2016-6512", }, { cve: "CVE-2016-6513", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-6513", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-wbxml.c in the WBXML dissector in Wireshark 2.x before 2.0.5 does not restrict the recursion depth, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-6513", url: "https://www.suse.com/security/cve/CVE-2016-6513", }, { category: "external", summary: "SUSE Bug 991022 for CVE-2016-6513", url: "https://bugzilla.suse.com/991022", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2016-6513", }, { cve: "CVE-2016-7175", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-7175", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-qnet6.c in the QNX6 QNET dissector in Wireshark 2.x before 2.0.6 mishandles MAC address data, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-7175", url: "https://www.suse.com/security/cve/CVE-2016-7175", }, { category: "external", summary: "SUSE Bug 998099 for CVE-2016-7175", url: "https://bugzilla.suse.com/998099", }, { category: "external", summary: "SUSE Bug 998761 for CVE-2016-7175", url: "https://bugzilla.suse.com/998761", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2016-7175", }, { cve: "CVE-2016-7176", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-7176", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-h225.c in the H.225 dissector in Wireshark 2.x before 2.0.6 calls snprintf with one of its input buffers as the output buffer, which allows remote attackers to cause a denial of service (copy overlap and application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-7176", url: "https://www.suse.com/security/cve/CVE-2016-7176", }, { category: "external", summary: "SUSE Bug 998099 for CVE-2016-7176", url: "https://bugzilla.suse.com/998099", }, { category: "external", summary: "SUSE Bug 998762 for CVE-2016-7176", url: "https://bugzilla.suse.com/998762", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2016-7176", }, { cve: "CVE-2016-7177", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-7177", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-catapult-dct2000.c in the Catapult DCT2000 dissector in Wireshark 2.x before 2.0.6 does not restrict the number of channels, which allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-7177", url: "https://www.suse.com/security/cve/CVE-2016-7177", }, { category: "external", summary: "SUSE Bug 998099 for CVE-2016-7177", url: "https://bugzilla.suse.com/998099", }, { category: "external", summary: "SUSE Bug 998763 for CVE-2016-7177", url: "https://bugzilla.suse.com/998763", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2016-7177", }, { cve: "CVE-2016-7178", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-7178", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 2.x before 2.0.6 does not ensure that memory is allocated for certain data structures, which allows remote attackers to cause a denial of service (invalid write access and application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-7178", url: "https://www.suse.com/security/cve/CVE-2016-7178", }, { category: "external", summary: "SUSE Bug 998099 for CVE-2016-7178", url: "https://bugzilla.suse.com/998099", }, { category: "external", summary: "SUSE Bug 998964 for CVE-2016-7178", url: "https://bugzilla.suse.com/998964", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2016-7178", }, { cve: "CVE-2016-7179", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-7179", }, ], notes: [ { category: "general", text: "Stack-based buffer overflow in epan/dissectors/packet-catapult-dct2000.c in the Catapult DCT2000 dissector in Wireshark 2.x before 2.0.6 allows remote attackers to cause a denial of service (application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-7179", url: "https://www.suse.com/security/cve/CVE-2016-7179", }, { category: "external", summary: "SUSE Bug 998099 for CVE-2016-7179", url: "https://bugzilla.suse.com/998099", }, { category: "external", summary: "SUSE Bug 998963 for CVE-2016-7179", url: "https://bugzilla.suse.com/998963", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2016-7179", }, { cve: "CVE-2016-7180", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-7180", }, ], notes: [ { category: "general", text: "epan/dissectors/packet-ipmi-trace.c in the IPMI trace dissector in Wireshark 2.x before 2.0.6 does not properly consider whether a string is constant, which allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted packet.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-7180", url: "https://www.suse.com/security/cve/CVE-2016-7180", }, { category: "external", summary: "SUSE Bug 998099 for CVE-2016-7180", url: "https://bugzilla.suse.com/998099", }, { category: "external", summary: "SUSE Bug 998800 for CVE-2016-7180", url: "https://bugzilla.suse.com/998800", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2016-7180", }, { cve: "CVE-2016-9372", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-9372", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.1, the Profinet I/O dissector could loop excessively, triggered by network traffic or a capture file. This was addressed in plugins/profinet/packet-pn-rtc-one.c by rejecting input with too many I/O objects.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-9372", url: "https://www.suse.com/security/cve/CVE-2016-9372", }, { category: "external", summary: "SUSE Bug 1010807 for CVE-2016-9372", url: "https://bugzilla.suse.com/1010807", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2016-9372", }, { cve: "CVE-2016-9373", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-9373", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the DCERPC dissector could crash with a use-after-free, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-dcerpc-nt.c and epan/dissectors/packet-dcerpc-spoolss.c by using the wmem file scope for private strings.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-9373", url: "https://www.suse.com/security/cve/CVE-2016-9373", }, { category: "external", summary: "SUSE Bug 1010754 for CVE-2016-9373", url: "https://bugzilla.suse.com/1010754", }, { category: "external", summary: "SUSE Bug 1010911 for CVE-2016-9373", url: "https://bugzilla.suse.com/1010911", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2016-9373", }, { cve: "CVE-2016-9374", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-9374", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the AllJoyn dissector could crash with a buffer over-read, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-alljoyn.c by ensuring that a length variable properly tracked the state of a signature variable.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-9374", url: "https://www.suse.com/security/cve/CVE-2016-9374", }, { category: "external", summary: "SUSE Bug 1010752 for CVE-2016-9374", url: "https://bugzilla.suse.com/1010752", }, { category: "external", summary: "SUSE Bug 1010911 for CVE-2016-9374", url: "https://bugzilla.suse.com/1010911", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2016-9374", }, { cve: "CVE-2016-9375", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-9375", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the DTN dissector could go into an infinite loop, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-dtn.c by checking whether SDNV evaluation was successful.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-9375", url: "https://www.suse.com/security/cve/CVE-2016-9375", }, { category: "external", summary: "SUSE Bug 1010740 for CVE-2016-9375", url: "https://bugzilla.suse.com/1010740", }, { category: "external", summary: "SUSE Bug 1010911 for CVE-2016-9375", url: "https://bugzilla.suse.com/1010911", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2016-9375", }, { cve: "CVE-2016-9376", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2016-9376", }, ], notes: [ { category: "general", text: "In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the OpenFlow dissector could crash with memory exhaustion, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-openflow_v5.c by ensuring that certain length values were sufficiently large.", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2016-9376", url: "https://www.suse.com/security/cve/CVE-2016-9376", }, { category: "external", summary: "SUSE Bug 1010735 for CVE-2016-9376", url: "https://bugzilla.suse.com/1010735", }, { category: "external", summary: "SUSE Bug 1010911 for CVE-2016-9376", url: "https://bugzilla.suse.com/1010911", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.0", }, products: [ "openSUSE Tumbleweed:wireshark-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-devel-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-gtk-2.2.2-1.1.x86_64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.aarch64", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.ppc64le", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.s390x", "openSUSE Tumbleweed:wireshark-ui-qt-2.2.2-1.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2024-06-15T00:00:00Z", details: "moderate", }, ], title: "CVE-2016-9376", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.