{
  "threat_severity" : "Moderate",
  "public_date" : "2018-11-27T00:00:00Z",
  "bugzilla" : {
    "description" : "wireshark: DCOM dissector crash resulting in information leak",
    "id" : "1655936",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1655936"
  },
  "cvss3" : {
    "cvss3_base_score" : "6.5",
    "cvss3_scoring_vector" : "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H",
    "status" : "draft"
  },
  "cwe" : "CWE-456",
  "details" : [ "In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the DCOM dissector could crash. This was addressed in epan/dissectors/packet-dcom.c by adding '\\0' termination.", "A missing initialization of a buffer in the DCOM dissector could allow Wireshark to crash when parsing a specially crafted pcap file. A remote attacker could cause a denial of service in Wireshark by injecting into the network malicious packets that are automatically processed. Moreover, the content of uninitialized stack memory is leaked to the local user via Wireshark, causing an information leak as a secondary impact." ],
  "statement" : "This issue did not affect the versions of wireshark as shipped with Red Hat Enterprise Linux 5, 6 and 7.",
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 5",
    "fix_state" : "Not affected",
    "package_name" : "wireshark",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Not affected",
    "package_name" : "wireshark",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "wireshark",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Not affected",
    "package_name" : "wireshark",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2018-19626\nhttps://nvd.nist.gov/vuln/detail/CVE-2018-19626\nhttps://www.wireshark.org/security/wnpa-sec-2018-52.html" ],
  "name" : "CVE-2018-19626",
  "csaw" : false
}