rpm package
suse/wireshark&distro=SUSE Linux Enterprise Desktop 12
pkg:rpm/suse/wireshark&distro=SUSE%20Linux%20Enterprise%20Desktop%2012
Vulnerabilities (50)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2015-3811 | — | < 1.10.14-12.1 | 1.10.14-12.1 | May 26, 2015 | epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 improperly refers to previously processed bytes, which allows remote attackers to cause a denial of service (application crash) via a crafted packet, a different vulnerab | ||
| CVE-2015-2191 | — | < 1.10.13-8.1 | 1.10.13-8.1 | Mar 8, 2015 | Integer overflow in the dissect_tnef function in epan/dissectors/packet-tnef.c in the TNEF dissector in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted length field in a packet. | ||
| CVE-2015-2189 | — | < 1.10.13-8.1 | 1.10.13-8.1 | Mar 8, 2015 | Off-by-one error in the pcapng_read function in wiretap/pcapng.c in the pcapng file parser in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via an invalid Interface Statisti | ||
| CVE-2015-2188 | — | < 1.10.13-8.1 | 1.10.13-8.1 | Mar 8, 2015 | epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet | ||
| CVE-2015-0564 | — | < 1.10.12-4.1 | 1.10.12-4.1 | Jan 10, 2015 | Buffer underflow in the ssl_decrypt_record function in epan/dissectors/packet-ssl-utils.c in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 allows remote attackers to cause a denial of service (application crash) via a crafted packet that is improperly handled during de | ||
| CVE-2015-0563 | — | < 1.10.12-4.1 | 1.10.12-4.1 | Jan 10, 2015 | epan/dissectors/packet-smtp.c in the SMTP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 uses an incorrect length value for certain string-append operations, which allows remote attackers to cause a denial of service (application crash) via a crafted packet | ||
| CVE-2015-0562 | — | < 1.10.12-4.1 | 1.10.12-4.1 | Jan 10, 2015 | Multiple use-after-free vulnerabilities in epan/dissectors/packet-dec-dnart.c in the DEC DNA Routing Protocol dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 allow remote attackers to cause a denial of service (application crash) via a crafted packet, relate | ||
| CVE-2015-0561 | — | < 1.10.12-4.1 | 1.10.12-4.1 | Jan 10, 2015 | asn1/lpp/lpp.cnf in the LPP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 does not validate a certain index value, which allows remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted packet. | ||
| CVE-2015-0560 | — | < 1.10.12-4.1 | 1.10.12-4.1 | Jan 10, 2015 | The dissect_wccp2r1_address_table_info function in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 does not initialize certain data structures, which allows remote attackers to cause a denial of service (application | ||
| CVE-2015-0559 | — | < 1.10.12-4.1 | 1.10.12-4.1 | Jan 10, 2015 | Multiple use-after-free vulnerabilities in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 allow remote attackers to cause a denial of service (application crash) via a crafted packet, related to the use of packet-sc |
- CVE-2015-3811May 26, 2015affected < 1.10.14-12.1fixed 1.10.14-12.1
epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 improperly refers to previously processed bytes, which allows remote attackers to cause a denial of service (application crash) via a crafted packet, a different vulnerab
- CVE-2015-2191Mar 8, 2015affected < 1.10.13-8.1fixed 1.10.13-8.1
Integer overflow in the dissect_tnef function in epan/dissectors/packet-tnef.c in the TNEF dissector in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted length field in a packet.
- CVE-2015-2189Mar 8, 2015affected < 1.10.13-8.1fixed 1.10.13-8.1
Off-by-one error in the pcapng_read function in wiretap/pcapng.c in the pcapng file parser in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via an invalid Interface Statisti
- CVE-2015-2188Mar 8, 2015affected < 1.10.13-8.1fixed 1.10.13-8.1
epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet
- CVE-2015-0564Jan 10, 2015affected < 1.10.12-4.1fixed 1.10.12-4.1
Buffer underflow in the ssl_decrypt_record function in epan/dissectors/packet-ssl-utils.c in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 allows remote attackers to cause a denial of service (application crash) via a crafted packet that is improperly handled during de
- CVE-2015-0563Jan 10, 2015affected < 1.10.12-4.1fixed 1.10.12-4.1
epan/dissectors/packet-smtp.c in the SMTP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 uses an incorrect length value for certain string-append operations, which allows remote attackers to cause a denial of service (application crash) via a crafted packet
- CVE-2015-0562Jan 10, 2015affected < 1.10.12-4.1fixed 1.10.12-4.1
Multiple use-after-free vulnerabilities in epan/dissectors/packet-dec-dnart.c in the DEC DNA Routing Protocol dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 allow remote attackers to cause a denial of service (application crash) via a crafted packet, relate
- CVE-2015-0561Jan 10, 2015affected < 1.10.12-4.1fixed 1.10.12-4.1
asn1/lpp/lpp.cnf in the LPP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 does not validate a certain index value, which allows remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted packet.
- CVE-2015-0560Jan 10, 2015affected < 1.10.12-4.1fixed 1.10.12-4.1
The dissect_wccp2r1_address_table_info function in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 does not initialize certain data structures, which allows remote attackers to cause a denial of service (application
- CVE-2015-0559Jan 10, 2015affected < 1.10.12-4.1fixed 1.10.12-4.1
Multiple use-after-free vulnerabilities in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 allow remote attackers to cause a denial of service (application crash) via a crafted packet, related to the use of packet-sc
Page 3 of 3