VIR Vulnerability Intelligence Relay

CVE-2015-3812

high
Published 2015-05-26 · Modified 2026-05-06
CVSS v3
CVSS v2
7.8
VIR risk
7.8

Description

Multiple memory leaks in the x11_init_protocol function in epan/dissectors/packet-x11.c in the X11 dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 allow remote attackers to cause a denial of service (memory consumption) via a crafted packet.

Predictions

Exploit likelihood
20%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: debian — https://security-tracker.debian.org/tracker/CVE-2015-3812

vendor Authored 2026-05-27

Vendor advisory: cve@mitre.org — https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11088

vendor Authored 2026-05-27

Vendor advisory: cve@mitre.org — http://www.wireshark.org/security/wnpa-sec-2015-15.html

OS impact
OSVersionStatusFixed in
debian debianbookwormfixed1.12.5+g5819e5b-1
debian debianbullseyefixed1.12.5+g5819e5b-1
debian debianforkyfixed1.12.5+g5819e5b-1
debian debiansidfixed1.12.5+g5819e5b-1
debian debiantrixiefixed1.12.5+g5819e5b-1

Application impact
VendorProductVersionsFixed
wiresharkwireshark1.10.0
wiresharkwireshark1.10.1
wiresharkwireshark1.10.2
wiresharkwireshark1.10.3
wiresharkwireshark1.10.4
wiresharkwireshark1.10.5
wiresharkwireshark1.10.6
wiresharkwireshark1.10.7
wiresharkwireshark1.10.8
wiresharkwireshark1.10.9
wiresharkwireshark1.10.10
wiresharkwireshark1.10.11
wiresharkwireshark1.10.12
wiresharkwireshark1.10.13
wiresharkwireshark1.12.0
wiresharkwireshark1.12.1
wiresharkwireshark1.12.2
wiresharkwireshark1.12.3
wiresharkwireshark1.12.4

References

CWEs

CWE-399

Verify integrity in audit chain (admin only). AS-IS.