Total
637 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-6062 | 1 Wireshark | 1 Wireshark | 2017-09-18 | 5.0 MEDIUM | N/A |
| The dissect_rtcp_app function in epan/dissectors/packet-rtcp.c in the RTCP dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet. | |||||
| CVE-2011-4100 | 1 Wireshark | 1 Wireshark | 2017-09-18 | 4.3 MEDIUM | N/A |
| The csnStreamDissector function in epan/dissectors/packet-csn1.c in the CSN.1 dissector in Wireshark 1.6.x before 1.6.3 does not initialize a certain variable, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. | |||||
| CVE-2012-0043 | 1 Wireshark | 1 Wireshark | 2017-09-18 | 5.8 MEDIUM | N/A |
| Buffer overflow in the reassemble_message function in epan/dissectors/packet-rlc.c in the RLC dissector in Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a series of fragmented RLC packets. | |||||
| CVE-2012-0042 | 2 Redhat, Wireshark | 2 Enterprise Linux, Wireshark | 2017-09-18 | 2.9 LOW | N/A |
| Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 does not properly perform certain string conversions, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet, related to epan/to_str.c. | |||||
| CVE-2012-0041 | 2 Redhat, Wireshark | 2 Enterprise Linux, Wireshark | 2017-09-18 | 4.3 MEDIUM | N/A |
| The dissect_packet function in epan/packet.c in Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows remote attackers to cause a denial of service (application crash) via a long packet in a capture file, as demonstrated by an airopeek file. | |||||
| CVE-2011-4102 | 1 Wireshark | 1 Wireshark | 2017-09-18 | 4.3 MEDIUM | N/A |
| Heap-based buffer overflow in the erf_read_header function in wiretap/erf.c in the ERF file parser in Wireshark 1.4.0 through 1.4.9 and 1.6.x before 1.6.3 allows remote attackers to cause a denial of service (application crash) via a malformed file. | |||||
| CVE-2011-4101 | 1 Wireshark | 1 Wireshark | 2017-09-18 | 4.3 MEDIUM | N/A |
| The dissect_infiniband_common function in epan/dissectors/packet-infiniband.c in the Infiniband dissector in Wireshark 1.4.0 through 1.4.9 and 1.6.x before 1.6.3 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed packet. | |||||
| CVE-2012-2392 | 1 Wireshark | 1 Wireshark | 2017-09-18 | 3.3 LOW | N/A |
| Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 allows remote attackers to cause a denial of service (infinite loop) via vectors related to the (1) ANSI MAP, (2) ASF, (3) IEEE 802.11, (4) IEEE 802.3, and (5) LTP dissectors. | |||||
| CVE-2012-2393 | 1 Wireshark | 1 Wireshark | 2017-09-18 | 3.3 LOW | N/A |
| epan/dissectors/packet-diameter.c in the DIAMETER dissector in Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 does not properly construct certain array data structures, which allows remote attackers to cause a denial of service (application crash) via a crafted packet that triggers incorrect memory allocation. | |||||
| CVE-2012-0066 | 2 Redhat, Wireshark | 2 Enterprise Linux, Wireshark | 2017-09-18 | 4.3 MEDIUM | N/A |
| Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows remote attackers to cause a denial of service (application crash) via a long packet in a (1) Accellent 5Views (aka .5vw) file, (2) I4B trace file, or (3) NETMON 2 capture file. | |||||
| CVE-2011-3482 | 1 Wireshark | 1 Wireshark | 2017-09-18 | 4.3 MEDIUM | N/A |
| The csnStreamDissector function in epan/dissectors/packet-csn1.c in the CSN.1 dissector in Wireshark 1.6.x before 1.6.2 does not initialize a certain structure member, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. | |||||
| CVE-2011-2597 | 1 Wireshark | 1 Wireshark | 2017-09-18 | 4.3 MEDIUM | N/A |
| The Lucent/Ascend file parser in Wireshark 1.2.x before 1.2.18, 1.4.x through 1.4.7, and 1.6.0 allows remote attackers to cause a denial of service (infinite loop) via malformed packets. | |||||
| CVE-2011-3360 | 1 Wireshark | 1 Wireshark | 2017-09-18 | 9.3 HIGH | N/A |
| Untrusted search path vulnerability in Wireshark 1.4.x before 1.4.9 and 1.6.x before 1.6.2 allows local users to gain privileges via a Trojan horse Lua script in an unspecified directory. | |||||
| CVE-2011-3484 | 1 Wireshark | 1 Wireshark | 2017-09-18 | 4.3 MEDIUM | N/A |
| The unxorFrame function in epan/dissectors/packet-opensafety.c in the OpenSafety dissector in Wireshark 1.6.x before 1.6.2 does not properly validate a certain frame size, which allows remote attackers to cause a denial of service (loop and application crash) via a malformed packet. | |||||
| CVE-2011-3483 | 1 Wireshark | 1 Wireshark | 2017-09-18 | 4.3 MEDIUM | N/A |
| Wireshark 1.6.x before 1.6.2 allows remote attackers to cause a denial of service (application crash) via a malformed capture file that leads to an invalid root tvbuff, related to a "buffer exception handling vulnerability." | |||||
| CVE-2011-1956 | 1 Wireshark | 1 Wireshark | 2017-09-18 | 4.3 MEDIUM | N/A |
| The bytes_repr_len function in Wireshark 1.4.5 uses an incorrect pointer argument, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via arbitrary TCP traffic. | |||||
| CVE-2011-1139 | 1 Wireshark | 1 Wireshark | 2017-09-18 | 4.3 MEDIUM | N/A |
| wiretap/pcapng.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (application crash) via a pcap-ng file that contains a large packet-length field. | |||||
| CVE-2011-0538 | 1 Wireshark | 1 Wireshark | 2017-09-18 | 6.8 MEDIUM | N/A |
| Wireshark 1.2.0 through 1.2.14, 1.4.0 through 1.4.3, and 1.5.0 frees an uninitialized pointer during processing of a .pcap file in the pcap-ng format, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a malformed file. | |||||
| CVE-2011-1140 | 1 Wireshark | 1 Wireshark | 2017-09-18 | 4.3 MEDIUM | N/A |
| Multiple stack consumption vulnerabilities in the dissect_ms_compressed_string and dissect_mscldap_string functions in Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3 allow remote attackers to cause a denial of service (infinite recursion) via a crafted (1) SMB or (2) Connection-less LDAP (CLDAP) packet. | |||||
| CVE-2011-1141 | 1 Wireshark | 1 Wireshark | 2017-09-18 | 4.3 MEDIUM | N/A |
| epan/dissectors/packet-ldap.c in Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (memory consumption) via (1) a long LDAP filter string or (2) an LDAP filter string containing many elements. | |||||