Total
637 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2010-3133 | 1 Wireshark | 1 Wireshark | 2017-09-18 | 9.3 HIGH | N/A |
Untrusted search path vulnerability in Wireshark 0.8.4 through 1.0.15 and 1.2.0 through 1.2.10 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse airpcap.dll, and possibly other DLLs, that is located in the same folder as a file that automatically launches Wireshark. | |||||
CVE-2010-3445 | 1 Wireshark | 1 Wireshark | 2017-09-18 | 5.0 MEDIUM | N/A |
Stack consumption vulnerability in the dissect_ber_unknown function in epan/dissectors/packet-ber.c in the BER dissector in Wireshark 1.4.x before 1.4.1 and 1.2.x before 1.2.12 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a long string in an unknown ASN.1/BER encoded packet, as demonstrated using SNMP. | |||||
CVE-2010-4300 | 1 Wireshark | 1 Wireshark | 2017-09-18 | 7.5 HIGH | N/A |
Heap-based buffer overflow in the dissect_ldss_transfer function (epan/dissectors/packet-ldss.c) in the LDSS dissector in Wireshark 1.2.0 through 1.2.12 and 1.4.0 through 1.4.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an LDSS packet with a long digest line that triggers memory corruption. | |||||
CVE-2010-4301 | 1 Wireshark | 1 Wireshark | 2017-09-18 | 5.0 MEDIUM | N/A |
epan/dissectors/packet-zbee-zcl.c in the ZigBee ZCL dissector in Wireshark 1.4.0 through 1.4.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted ZCL packet, related to Discover Attributes. | |||||
CVE-2010-1455 | 2 Ethereal Group, Wireshark | 2 Ethereal, Wireshark | 2017-09-18 | 4.3 MEDIUM | N/A |
The DOCSIS dissector in Wireshark 0.9.6 through 1.0.12 and 1.2.0 through 1.2.7 allows user-assisted remote attackers to cause a denial of service (application crash) via a malformed packet trace file. | |||||
CVE-2010-0304 | 1 Wireshark | 1 Wireshark | 2017-09-18 | 7.5 HIGH | N/A |
Multiple buffer overflows in the LWRES dissector in Wireshark 0.9.15 through 1.0.10 and 1.2.0 through 1.2.5 allow remote attackers to cause a denial of service (crash) via a malformed packet, as demonstrated using a stack-based buffer overflow to the dissect_getaddrsbyname_request function. | |||||
CVE-2009-3829 | 1 Wireshark | 1 Wireshark | 2017-09-18 | 9.3 HIGH | N/A |
Integer overflow in wiretap/erf.c in Wireshark before 1.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted erf file, related to an "unsigned integer wrap vulnerability." | |||||
CVE-2009-2559 | 1 Wireshark | 1 Wireshark | 2017-09-18 | 5.0 MEDIUM | N/A |
Buffer overflow in the IPMI dissector in Wireshark 1.2.0 allows remote attackers to cause a denial of service (crash) via unspecified vectors related to an array index error. NOTE: some of these details are obtained from third party information. | |||||
CVE-2009-2560 | 1 Wireshark | 1 Wireshark | 2017-09-18 | 5.0 MEDIUM | N/A |
Multiple unspecified vulnerabilities in Wireshark 1.2.0 allow remote attackers to cause a denial of service (application crash) via a file that records a malformed packet trace and is processed by the (1) Bluetooth L2CAP, (2) RADIUS, or (3) MIOP dissector. NOTE: it was later reported that the RADIUS issue also affects 0.10.13 through 1.0.9. | |||||
CVE-2009-2561 | 1 Wireshark | 1 Wireshark | 2017-09-18 | 5.0 MEDIUM | N/A |
Unspecified vulnerability in the sFlow dissector in Wireshark 1.2.0 allows remote attackers to cause a denial of service (CPU and memory consumption) via unspecified vectors. | |||||
CVE-2009-2562 | 1 Wireshark | 1 Wireshark | 2017-09-18 | 5.0 MEDIUM | N/A |
Unspecified vulnerability in the AFS dissector in Wireshark 0.9.2 through 1.2.0 allows remote attackers to cause a denial of service (crash) via unknown vectors. | |||||
CVE-2009-2563 | 1 Wireshark | 1 Wireshark | 2017-09-18 | 7.1 HIGH | N/A |
Unspecified vulnerability in the Infiniband dissector in Wireshark 1.0.6 through 1.2.0, when running on unspecified platforms, allows remote attackers to cause a denial of service (crash) via unknown vectors. | |||||
CVE-2009-3241 | 1 Wireshark | 1 Wireshark | 2017-09-18 | 7.8 HIGH | N/A |
Unspecified vulnerability in the OpcUa (OPC UA) dissector in Wireshark 0.99.6 through 1.0.8 and 1.2.0 through 1.2.1 allows remote attackers to cause a denial of service (memory and CPU consumption) via malformed OPCUA Service CallRequest packets. | |||||
CVE-2009-3242 | 1 Wireshark | 1 Wireshark | 2017-09-18 | 5.0 MEDIUM | N/A |
Unspecified vulnerability in packet.c in the GSM A RR dissector in Wireshark 1.2.0 and 1.2.1 allows remote attackers to cause a denial of service (application crash) via unknown vectors related to "an uninitialized dissector handle," which triggers an assertion failure. | |||||
CVE-2009-3243 | 2 Microsoft, Wireshark | 2 Windows, Wireshark | 2017-09-18 | 5.0 MEDIUM | N/A |
Unspecified vulnerability in the TLS dissector in Wireshark 1.2.0 and 1.2.1, when running on Windows, allows remote attackers to cause a denial of service (application crash) via unknown vectors related to TLS 1.2 conversations. | |||||
CVE-2009-3549 | 2 Sun, Wireshark | 2 Sparc, Wireshark | 2017-09-18 | 5.0 MEDIUM | N/A |
packet-paltalk.c in the Paltalk dissector in Wireshark 1.2.0 through 1.2.2, on SPARC and certain other platforms, allows remote attackers to cause a denial of service (application crash) via a file that records a malformed packet trace. | |||||
CVE-2009-4378 | 2 Microsoft, Wireshark | 2 Windows, Wireshark | 2017-09-18 | 4.3 MEDIUM | N/A |
The IPMI dissector in Wireshark 1.2.0 through 1.2.4 on Windows allows remote attackers to cause a denial of service (crash) via a crafted packet, related to "formatting a date/time using strftime." | |||||
CVE-2009-4376 | 1 Wireshark | 1 Wireshark | 2017-09-18 | 9.3 HIGH | N/A |
Buffer overflow in the daintree_sna_read function in the Daintree SNA file parser in Wireshark 1.2.0 through 1.2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet. | |||||
CVE-2009-4377 | 1 Wireshark | 1 Wireshark | 2017-09-18 | 4.3 MEDIUM | N/A |
The (1) SMB and (2) SMB2 dissectors in Wireshark 0.9.0 through 1.2.4 allow remote attackers to cause a denial of service (crash) via a crafted packet that triggers a NULL pointer dereference, as demonstrated by fuzz-2009-12-07-11141.pcap. | |||||
CVE-2015-7830 | 2 Oracle, Wireshark | 2 Solaris, Wireshark | 2017-09-14 | 4.3 MEDIUM | N/A |
The pcapng_read_if_descr_block function in wiretap/pcapng.c in the pcapng parser in Wireshark 1.12.x before 1.12.8 uses too many levels of pointer indirection, which allows remote attackers to cause a denial of service (incorrect free and application crash) via a crafted packet that triggers interface-filter copying. |