Candidate: CVE-2015-3810
PublicDate: 2015-05-26 15:59:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3810
 https://www.wireshark.org/security/wnpa-sec-2015-13.html
Description:
 epan/dissectors/packet-websocket.c in the WebSocket dissector in Wireshark
 1.12.x before 1.12.5 uses a recursive algorithm, which allows remote
 attackers to cause a denial of service (CPU consumption) via a crafted
 packet.
Ubuntu-Description:
Notes:
 tyhicks> "Affected versions: 1.12.0 to 1.12.4"
Bugs:
 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10989
Priority: low
Discovered-by:
Assigned-to:
CVSS: 

Patches_wireshark:
 upstream: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=4ee6bcbd2e03a25f1e6b0239558d9edeaf8040c0
upstream_wireshark: released (1.12.5+g5819e5b-1)
precise_wireshark: not-affected
trusty_wireshark: not-affected (1.10.6-1)
trusty/esm_wireshark: not-affected (1.10.6-1)
utopic_wireshark: ignored (reached end-of-life)
vivid_wireshark: released (1.12.1+g01b65bf-4+deb8u1build0.15.04.1)
devel_wireshark: not-affected (1.12.5+g5819e5b-1)