VYPR

Wireshark

by Wireshark

Source repositories

CVEs (736)

  • CVE-2011-2597Jul 7, 2011
    risk 0.00cvss epss 0.03

    The Lucent/Ascend file parser in Wireshark 1.2.x before 1.2.18, 1.4.x through 1.4.7, and 1.6.0 allows remote attackers to cause a denial of service (infinite loop) via malformed packets.

  • CVE-2011-2175Jun 6, 2011
    risk 0.00cvss epss 0.02

    Integer underflow in the visual_read function in wiretap/visual.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service (application crash) via a malformed Visual Networks file that triggers a heap-based buffer over-read.

  • CVE-2011-2174Jun 6, 2011
    risk 0.00cvss epss 0.02

    Double free vulnerability in the tvb_uncompress function in epan/tvbuff.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service (application crash) via a packet with malformed data that uses zlib compression.

  • CVE-2011-1959Jun 6, 2011
    risk 0.00cvss epss 0.03

    The snoop_read function in wiretap/snoop.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 does not properly handle certain virtualizable buffers, which allows remote attackers to cause a denial of service (application crash) via a large length value in a snoop file that…

  • CVE-2011-1958Jun 6, 2011
    risk 0.00cvss epss 0.03

    Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows user-assisted remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted Diameter dictionary file.

  • CVE-2011-1957Jun 6, 2011
    risk 0.00cvss epss 0.03

    The dissect_dcm_main function in epan/dissectors/packet-dcm.c in the DICOM dissector in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service (infinite loop) via an invalid PDU length.

  • CVE-2011-1592Apr 29, 2011
    risk 0.00cvss epss 0.02

    The NFS dissector in epan/dissectors/packet-nfs.c in Wireshark 1.4.x before 1.4.5 on Windows uses an incorrect integer data type during decoding of SETCLIENTID calls, which allows remote attackers to cause a denial of service (application crash) via a crafted .pcap file.

  • CVE-2011-1590Apr 29, 2011
    risk 0.00cvss epss 0.02

    The X.509if dissector in Wireshark 1.2.x before 1.2.16 and 1.4.x before 1.4.5 does not properly initialize certain global variables, which allows remote attackers to cause a denial of service (application crash) via a crafted .pcap file.

  • CVE-2011-0024Mar 28, 2011
    risk 0.00cvss epss 0.05

    Heap-based buffer overflow in wiretap/pcapng.c in Wireshark before 1.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted capture file.

  • CVE-2011-1141Mar 3, 2011
    risk 0.00cvss epss 0.04

    epan/dissectors/packet-ldap.c in Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (memory consumption) via (1) a long LDAP filter string or (2) an LDAP filter string containing many elements.

  • CVE-2011-1139Mar 3, 2011
    risk 0.00cvss epss 0.03

    wiretap/pcapng.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (application crash) via a pcap-ng file that contains a large packet-length field.

  • CVE-2011-1138Mar 3, 2011
    risk 0.00cvss epss 0.03

    Off-by-one error in the dissect_6lowpan_iphc function in packet-6lowpan.c in Wireshark 1.4.0 through 1.4.3 on 32-bit platforms allows remote attackers to cause a denial of service (application crash) via a malformed 6LoWPAN IPv6 packet.

  • CVE-2011-0713Mar 3, 2011
    risk 0.00cvss epss 0.03

    Heap-based buffer overflow in wiretap/dct3trace.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long record in a Nokia DCT3 trace file.

  • CVE-2011-0445Jan 13, 2011
    risk 0.00cvss epss 0.03

    The ASN.1 BER dissector in Wireshark 1.4.0 through 1.4.2 allows remote attackers to cause a denial of service (assertion failure) via crafted packets, as demonstrated by fuzz-2010-12-30-28473.pcap.

  • CVE-2010-3445Nov 26, 2010
    risk 0.00cvss epss 0.04

    Stack consumption vulnerability in the dissect_ber_unknown function in epan/dissectors/packet-ber.c in the BER dissector in Wireshark 1.4.x before 1.4.1 and 1.2.x before 1.2.12 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a long…

  • CVE-2010-2994Aug 13, 2010
    risk 0.00cvss epss 0.02

    Stack-based buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through 1.0.14 and 1.2.0 through 1.2.9 has unknown impact and remote attack vectors. NOTE: this issue exists because of a CVE-2010-2284 regression.

  • CVE-2010-2993Aug 13, 2010
    risk 0.00cvss epss 0.02

    The IPMI dissector in Wireshark 1.2.0 through 1.2.9 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors.

  • CVE-2010-2992Aug 13, 2010
    risk 0.00cvss epss 0.03

    packet-gsm_a_rr.c in the GSM A RR dissector in Wireshark 1.2.2 through 1.2.9 allows remote attackers to cause a denial of service (crash) via unknown vectors that trigger a NULL pointer dereference.

  • CVE-2010-2287Jun 15, 2010
    risk 0.00cvss epss 0.01

    Buffer overflow in the SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.8 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors.

  • CVE-2010-2286Jun 15, 2010
    risk 0.00cvss epss 0.01

    The SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.7 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors.

Page 33 of 37