Vulnerability Details CVE-2017-15190
In Wireshark 2.4.0 to 2.4.1, the RTSP dissector could crash. This was addressed in epan/dissectors/packet-rtsp.c by correcting the scope of a variable.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 61.3%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
- http://www.securityfocus.com/bid/101229
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14077
- https://code.wireshark.org/review/23635
- https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=e27870eaa6efa1c2dac08aa41a67fe9f0839e6e0
- https://www.wireshark.org/security/wnpa-sec-2017-45.html
- http://www.securityfocus.com/bid/101229
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14077
- https://code.wireshark.org/review/23635
- https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=e27870eaa6efa1c2dac08aa41a67fe9f0839e6e0
- https://www.wireshark.org/security/wnpa-sec-2017-45.html