cve/2015/CVE-2015-8714.md

CVE-2015-8714

Description

The dissect_dcom_OBJREF function in epan/dissectors/packet-dcom.c in the DCOM dissector in Wireshark 1.12.x before 1.12.9 does not initialize a certain IPv4 data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

POC

Reference

• http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html

Github

• https://github.com/ARPSyndicate/cvemon
• https://github.com/brianhigh/us-cert-bulletins