Vendor CVEs
Wireshark
All CVEs
736 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2011-1139 | 0.00 | — | 0.03 | Mar 3, 2011 | wiretap/pcapng.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (application crash) via a pcap-ng file that contains a large packet-length field. | |||
| CVE-2011-1138 | 0.00 | — | 0.03 | Mar 3, 2011 | Off-by-one error in the dissect_6lowpan_iphc function in packet-6lowpan.c in Wireshark 1.4.0 through 1.4.3 on 32-bit platforms allows remote attackers to cause a denial of service (application crash) via a malformed 6LoWPAN IPv6 packet. | |||
| CVE-2011-0713 | 0.00 | — | 0.03 | Mar 3, 2011 | Heap-based buffer overflow in wiretap/dct3trace.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long record in a Nokia DCT3 trace file. | |||
| CVE-2011-0445 | 0.00 | — | 0.03 | Jan 13, 2011 | The ASN.1 BER dissector in Wireshark 1.4.0 through 1.4.2 allows remote attackers to cause a denial of service (assertion failure) via crafted packets, as demonstrated by fuzz-2010-12-30-28473.pcap. | |||
| CVE-2010-3445 | 0.00 | — | 0.04 | Nov 26, 2010 | Stack consumption vulnerability in the dissect_ber_unknown function in epan/dissectors/packet-ber.c in the BER dissector in Wireshark 1.4.x before 1.4.1 and 1.2.x before 1.2.12 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a long… | |||
| CVE-2010-2994 | 0.00 | — | 0.02 | Aug 13, 2010 | Stack-based buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through 1.0.14 and 1.2.0 through 1.2.9 has unknown impact and remote attack vectors. NOTE: this issue exists because of a CVE-2010-2284 regression. | |||
| CVE-2010-2993 | 0.00 | — | 0.02 | Aug 13, 2010 | The IPMI dissector in Wireshark 1.2.0 through 1.2.9 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors. | |||
| CVE-2010-2992 | 0.00 | — | 0.03 | Aug 13, 2010 | packet-gsm_a_rr.c in the GSM A RR dissector in Wireshark 1.2.2 through 1.2.9 allows remote attackers to cause a denial of service (crash) via unknown vectors that trigger a NULL pointer dereference. | |||
| CVE-2010-2287 | 0.00 | — | 0.01 | Jun 15, 2010 | Buffer overflow in the SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.8 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors. | |||
| CVE-2010-2286 | 0.00 | — | 0.01 | Jun 15, 2010 | The SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.7 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors. | |||
| CVE-2010-2285 | 0.00 | — | 0.01 | Jun 15, 2010 | The SMB PIPE dissector in Wireshark 0.8.20 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (NULL pointer dereference) via unknown vectors. | |||
| CVE-2010-2284 | 0.00 | — | 0.01 | Jun 15, 2010 | Buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors. | |||
| CVE-2010-2283 | 0.00 | — | 0.01 | Jun 15, 2010 | The SMB dissector in Wireshark 0.99.6 through 1.0.13, and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (NULL pointer dereference) via unknown vectors. | |||
| CVE-2010-1455 | 0.00 | — | 0.02 | May 12, 2010 | The DOCSIS dissector in Wireshark 0.9.6 through 1.0.12 and 1.2.0 through 1.2.7 allows user-assisted remote attackers to cause a denial of service (application crash) via a malformed packet trace file. | |||
| CVE-2009-4378 | 0.00 | — | 0.02 | Dec 21, 2009 | The IPMI dissector in Wireshark 1.2.0 through 1.2.4 on Windows allows remote attackers to cause a denial of service (crash) via a crafted packet, related to "formatting a date/time using strftime." | |||
| CVE-2009-4377 | 0.00 | — | 0.03 | Dec 21, 2009 | The (1) SMB and (2) SMB2 dissectors in Wireshark 0.9.0 through 1.2.4 allow remote attackers to cause a denial of service (crash) via a crafted packet that triggers a NULL pointer dereference, as demonstrated by fuzz-2009-12-07-11141.pcap. | |||
| CVE-2009-3829 | 0.00 | — | 0.06 | Oct 30, 2009 | Integer overflow in wiretap/erf.c in Wireshark before 1.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted erf file, related to an "unsigned integer wrap vulnerability." | |||
| CVE-2009-3551 | 0.00 | — | 0.02 | Oct 30, 2009 | Off-by-one error in the dissect_negprot_response function in packet-smb.c in the SMB dissector in Wireshark 1.2.0 through 1.2.2 allows remote attackers to cause a denial of service (application crash) via a file that records a malformed packet trace. NOTE: some of these details… | |||
| CVE-2009-3550 | 0.00 | — | 0.02 | Oct 30, 2009 | The DCERPC/NT dissector in Wireshark 0.10.10 through 1.0.9 and 1.2.0 through 1.2.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a file that records a malformed packet trace. NOTE: some of these details are obtained… | |||
| CVE-2009-3549 | 0.00 | — | 0.03 | Oct 30, 2009 | packet-paltalk.c in the Paltalk dissector in Wireshark 1.2.0 through 1.2.2, on SPARC and certain other platforms, allows remote attackers to cause a denial of service (application crash) via a file that records a malformed packet trace. | |||
| CVE-2009-2563 | 0.00 | — | 0.03 | Jul 21, 2009 | Unspecified vulnerability in the Infiniband dissector in Wireshark 1.0.6 through 1.2.0, when running on unspecified platforms, allows remote attackers to cause a denial of service (crash) via unknown vectors. | |||
| CVE-2009-2562 | 0.00 | — | 0.03 | Jul 21, 2009 | Unspecified vulnerability in the AFS dissector in Wireshark 0.9.2 through 1.2.0 allows remote attackers to cause a denial of service (crash) via unknown vectors. | |||
| CVE-2009-2561 | 0.00 | — | 0.02 | Jul 21, 2009 | Unspecified vulnerability in the sFlow dissector in Wireshark 1.2.0 allows remote attackers to cause a denial of service (CPU and memory consumption) via unspecified vectors. | |||
| CVE-2009-2560 | 0.00 | — | 0.02 | Jul 21, 2009 | Multiple unspecified vulnerabilities in Wireshark 1.2.0 allow remote attackers to cause a denial of service (application crash) via a file that records a malformed packet trace and is processed by the (1) Bluetooth L2CAP, (2) RADIUS, or (3) MIOP dissector. NOTE: it was later… | |||
| CVE-2009-2559 | 0.00 | — | 0.02 | Jul 21, 2009 | Buffer overflow in the IPMI dissector in Wireshark 1.2.0 allows remote attackers to cause a denial of service (crash) via unspecified vectors related to an array index error. NOTE: some of these details are obtained from third party information. | |||
| CVE-2009-1829 | 0.00 | — | 0.02 | May 29, 2009 | Unspecified vulnerability in the PCNFSD dissector in Wireshark 0.8.20 through 1.0.7 allows remote attackers to cause a denial of service (crash) via crafted PCNFSD packets. | |||
| CVE-2009-1266 | 0.00 | — | 0.02 | Apr 21, 2009 | Unspecified vulnerability in Wireshark before 1.0.7 has unknown impact and attack vectors. | |||
| CVE-2009-1269 | 0.00 | — | 0.02 | Apr 13, 2009 | Unspecified vulnerability in Wireshark 0.99.6 through 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted Tektronix .rf5 file. | |||
| CVE-2009-1268 | 0.00 | — | 0.02 | Apr 13, 2009 | The Check Point High-Availability Protocol (CPHAP) dissector in Wireshark 0.9.6 through 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted FWHA_MY_STATE packet. | |||
| CVE-2009-1267 | 0.00 | — | 0.02 | Apr 13, 2009 | Unspecified vulnerability in the LDAP dissector in Wireshark 0.99.2 through 1.0.6, when running on Windows, allows remote attackers to cause a denial of service (crash) via unknown attack vectors. | |||
| CVE-2008-6472 | 0.00 | — | 0.02 | Mar 14, 2009 | The WLCCP dissector in Wireshark 0.99.7 through 1.0.4 allows remote attackers to cause a denial of service (infinite loop) via unspecified vectors. | |||
| CVE-2009-0601 | 0.00 | — | 0.00 | Feb 16, 2009 | Format string vulnerability in Wireshark 0.99.8 through 1.0.5 on non-Windows platforms allows local users to cause a denial of service (application crash) via format string specifiers in the HOME environment variable. | |||
| CVE-2009-0600 | 0.00 | — | 0.02 | Feb 16, 2009 | Wireshark 0.99.6 through 1.0.5 allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted Tektronix K12 text capture file, as demonstrated by a file with exactly one frame. | |||
| CVE-2009-0599 | 0.00 | — | 0.03 | Feb 16, 2009 | Buffer overflow in wiretap/netscreen.c in Wireshark 0.99.7 through 1.0.5 allows user-assisted remote attackers to cause a denial of service (application crash) via a malformed NetScreen snoop file. | |||
| CVE-2008-5285 | 0.00 | — | 0.02 | Dec 1, 2008 | Wireshark 1.0.4 and earlier allows remote attackers to cause a denial of service via a long SMTP request, which triggers an infinite loop. | |||
| CVE-2008-4685 | 0.00 | — | 0.02 | Oct 22, 2008 | Use-after-free vulnerability in the dissect_q931_cause_ie function in packet-q931.c in the Q.931 dissector in Wireshark 0.10.3 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via certain packets that trigger an exception. | |||
| CVE-2008-4684 | 0.00 | — | 0.02 | Oct 22, 2008 | packet-frame in Wireshark 0.99.2 through 1.0.3 does not properly handle exceptions thrown by post dissectors, which allows remote attackers to cause a denial of service (application crash) via a certain series of packets, as demonstrated by enabling the (1) PRP or (2) MATE post… | |||
| CVE-2008-4683 | 0.00 | — | 0.02 | Oct 22, 2008 | The dissect_btacl function in packet-bthci_acl.c in the Bluetooth ACL dissector in Wireshark 0.99.2 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via a packet with an invalid length, related to an erroneous tvb_memcpy call. | |||
| CVE-2008-4681 | 0.00 | — | 0.02 | Oct 22, 2008 | Unspecified vulnerability in the Bluetooth RFCOMM dissector in Wireshark 0.99.7 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via unknown packets. | |||
| CVE-2008-4680 | 0.00 | — | 0.03 | Oct 22, 2008 | packet-usb.c in the USB dissector in Wireshark 0.99.7 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via a malformed USB Request Block (URB). | |||
| CVE-2008-3933 | 0.00 | — | 0.01 | Sep 4, 2008 | Wireshark (formerly Ethereal) 0.10.14 through 1.0.2 allows attackers to cause a denial of service (crash) via a packet with crafted zlib-compressed data that triggers an invalid read in the tvb_uncompress function. | |||
| CVE-2008-3932 | 0.00 | — | 0.02 | Sep 4, 2008 | Wireshark (formerly Ethereal) 0.9.7 through 1.0.2 allows attackers to cause a denial of service (hang) via a crafted NCP packet that triggers an infinite loop. | |||
| CVE-2008-3934 | 0.00 | — | 0.01 | Sep 4, 2008 | Unspecified vulnerability in Wireshark (formerly Ethereal) 0.99.6 through 1.0.2 allows attackers to cause a denial of service (crash) via a crafted Tektronix .rf5 file. | |||
| CVE-2008-3146 | 0.00 | — | 0.04 | Sep 2, 2008 | Multiple buffer overflows in packet_ncp2222.inc in Wireshark (formerly Ethereal) 0.9.7 through 1.0.2 allow attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted NCP packet that causes an invalid pointer to be used. | |||
| CVE-2008-3145 | 0.00 | — | 0.02 | Jul 16, 2008 | The fragment_add_work function in epan/reassemble.c in Wireshark 0.8.19 through 1.0.1 allows remote attackers to cause a denial of service (crash) via a series of fragmented packets with non-sequential fragmentation offset values, which lead to a buffer over-read. | |||
| CVE-2008-3138 | 0.00 | — | 0.02 | Jul 10, 2008 | The (1) PANA and (2) KISMET dissectors in Wireshark (formerly Ethereal) 0.99.3 through 1.0.0 allow remote attackers to cause a denial of service (application stop) via unknown vectors. | |||
| CVE-2008-3137 | 0.00 | — | 0.02 | Jul 10, 2008 | The GSM SMS dissector in Wireshark (formerly Ethereal) 0.99.2 through 1.0.0 allows remote attackers to cause a denial of service (application crash) via unknown vectors. | |||
| CVE-2008-3139 | 0.00 | — | 0.03 | Jul 10, 2008 | The RTMPT dissector in Wireshark (formerly Ethereal) 0.99.8 through 1.0.0 allows remote attackers to cause a denial of service (crash) via unknown vectors. NOTE: this might be due to a use-after-free error. | |||
| CVE-2008-3141 | 0.00 | — | 0.01 | Jul 10, 2008 | Unspecified vulnerability in the RMI dissector in Wireshark (formerly Ethereal) 0.9.5 through 1.0.0 allows remote attackers to read system memory via unspecified vectors. | |||
| CVE-2008-1071 | 0.00 | — | 0.02 | Feb 28, 2008 | The SNMP dissector in Wireshark (formerly Ethereal) 0.99.6 through 0.99.7 allows remote attackers to cause a denial of service (crash) via a malformed packet. |
- CVE-2011-1139Mar 3, 2011risk 0.00cvss —epss 0.03
wiretap/pcapng.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (application crash) via a pcap-ng file that contains a large packet-length field.
- CVE-2011-1138Mar 3, 2011risk 0.00cvss —epss 0.03
Off-by-one error in the dissect_6lowpan_iphc function in packet-6lowpan.c in Wireshark 1.4.0 through 1.4.3 on 32-bit platforms allows remote attackers to cause a denial of service (application crash) via a malformed 6LoWPAN IPv6 packet.
- CVE-2011-0713Mar 3, 2011risk 0.00cvss —epss 0.03
Heap-based buffer overflow in wiretap/dct3trace.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long record in a Nokia DCT3 trace file.
- CVE-2011-0445Jan 13, 2011risk 0.00cvss —epss 0.03
The ASN.1 BER dissector in Wireshark 1.4.0 through 1.4.2 allows remote attackers to cause a denial of service (assertion failure) via crafted packets, as demonstrated by fuzz-2010-12-30-28473.pcap.
- CVE-2010-3445Nov 26, 2010risk 0.00cvss —epss 0.04
Stack consumption vulnerability in the dissect_ber_unknown function in epan/dissectors/packet-ber.c in the BER dissector in Wireshark 1.4.x before 1.4.1 and 1.2.x before 1.2.12 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a long…
- CVE-2010-2994Aug 13, 2010risk 0.00cvss —epss 0.02
Stack-based buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through 1.0.14 and 1.2.0 through 1.2.9 has unknown impact and remote attack vectors. NOTE: this issue exists because of a CVE-2010-2284 regression.
- CVE-2010-2993Aug 13, 2010risk 0.00cvss —epss 0.02
The IPMI dissector in Wireshark 1.2.0 through 1.2.9 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors.
- CVE-2010-2992Aug 13, 2010risk 0.00cvss —epss 0.03
packet-gsm_a_rr.c in the GSM A RR dissector in Wireshark 1.2.2 through 1.2.9 allows remote attackers to cause a denial of service (crash) via unknown vectors that trigger a NULL pointer dereference.
- CVE-2010-2287Jun 15, 2010risk 0.00cvss —epss 0.01
Buffer overflow in the SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.8 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors.
- CVE-2010-2286Jun 15, 2010risk 0.00cvss —epss 0.01
The SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.7 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors.
- CVE-2010-2285Jun 15, 2010risk 0.00cvss —epss 0.01
The SMB PIPE dissector in Wireshark 0.8.20 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (NULL pointer dereference) via unknown vectors.
- CVE-2010-2284Jun 15, 2010risk 0.00cvss —epss 0.01
Buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors.
- CVE-2010-2283Jun 15, 2010risk 0.00cvss —epss 0.01
The SMB dissector in Wireshark 0.99.6 through 1.0.13, and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (NULL pointer dereference) via unknown vectors.
- CVE-2010-1455May 12, 2010risk 0.00cvss —epss 0.02
The DOCSIS dissector in Wireshark 0.9.6 through 1.0.12 and 1.2.0 through 1.2.7 allows user-assisted remote attackers to cause a denial of service (application crash) via a malformed packet trace file.
- CVE-2009-4378Dec 21, 2009risk 0.00cvss —epss 0.02
The IPMI dissector in Wireshark 1.2.0 through 1.2.4 on Windows allows remote attackers to cause a denial of service (crash) via a crafted packet, related to "formatting a date/time using strftime."
- CVE-2009-4377Dec 21, 2009risk 0.00cvss —epss 0.03
The (1) SMB and (2) SMB2 dissectors in Wireshark 0.9.0 through 1.2.4 allow remote attackers to cause a denial of service (crash) via a crafted packet that triggers a NULL pointer dereference, as demonstrated by fuzz-2009-12-07-11141.pcap.
- CVE-2009-3829Oct 30, 2009risk 0.00cvss —epss 0.06
Integer overflow in wiretap/erf.c in Wireshark before 1.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted erf file, related to an "unsigned integer wrap vulnerability."
- CVE-2009-3551Oct 30, 2009risk 0.00cvss —epss 0.02
Off-by-one error in the dissect_negprot_response function in packet-smb.c in the SMB dissector in Wireshark 1.2.0 through 1.2.2 allows remote attackers to cause a denial of service (application crash) via a file that records a malformed packet trace. NOTE: some of these details…
- CVE-2009-3550Oct 30, 2009risk 0.00cvss —epss 0.02
The DCERPC/NT dissector in Wireshark 0.10.10 through 1.0.9 and 1.2.0 through 1.2.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a file that records a malformed packet trace. NOTE: some of these details are obtained…
- CVE-2009-3549Oct 30, 2009risk 0.00cvss —epss 0.03
packet-paltalk.c in the Paltalk dissector in Wireshark 1.2.0 through 1.2.2, on SPARC and certain other platforms, allows remote attackers to cause a denial of service (application crash) via a file that records a malformed packet trace.
- CVE-2009-2563Jul 21, 2009risk 0.00cvss —epss 0.03
Unspecified vulnerability in the Infiniband dissector in Wireshark 1.0.6 through 1.2.0, when running on unspecified platforms, allows remote attackers to cause a denial of service (crash) via unknown vectors.
- CVE-2009-2562Jul 21, 2009risk 0.00cvss —epss 0.03
Unspecified vulnerability in the AFS dissector in Wireshark 0.9.2 through 1.2.0 allows remote attackers to cause a denial of service (crash) via unknown vectors.
- CVE-2009-2561Jul 21, 2009risk 0.00cvss —epss 0.02
Unspecified vulnerability in the sFlow dissector in Wireshark 1.2.0 allows remote attackers to cause a denial of service (CPU and memory consumption) via unspecified vectors.
- CVE-2009-2560Jul 21, 2009risk 0.00cvss —epss 0.02
Multiple unspecified vulnerabilities in Wireshark 1.2.0 allow remote attackers to cause a denial of service (application crash) via a file that records a malformed packet trace and is processed by the (1) Bluetooth L2CAP, (2) RADIUS, or (3) MIOP dissector. NOTE: it was later…
- CVE-2009-2559Jul 21, 2009risk 0.00cvss —epss 0.02
Buffer overflow in the IPMI dissector in Wireshark 1.2.0 allows remote attackers to cause a denial of service (crash) via unspecified vectors related to an array index error. NOTE: some of these details are obtained from third party information.
- CVE-2009-1829May 29, 2009risk 0.00cvss —epss 0.02
Unspecified vulnerability in the PCNFSD dissector in Wireshark 0.8.20 through 1.0.7 allows remote attackers to cause a denial of service (crash) via crafted PCNFSD packets.
- CVE-2009-1266Apr 21, 2009risk 0.00cvss —epss 0.02
Unspecified vulnerability in Wireshark before 1.0.7 has unknown impact and attack vectors.
- CVE-2009-1269Apr 13, 2009risk 0.00cvss —epss 0.02
Unspecified vulnerability in Wireshark 0.99.6 through 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted Tektronix .rf5 file.
- CVE-2009-1268Apr 13, 2009risk 0.00cvss —epss 0.02
The Check Point High-Availability Protocol (CPHAP) dissector in Wireshark 0.9.6 through 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted FWHA_MY_STATE packet.
- CVE-2009-1267Apr 13, 2009risk 0.00cvss —epss 0.02
Unspecified vulnerability in the LDAP dissector in Wireshark 0.99.2 through 1.0.6, when running on Windows, allows remote attackers to cause a denial of service (crash) via unknown attack vectors.
- CVE-2008-6472Mar 14, 2009risk 0.00cvss —epss 0.02
The WLCCP dissector in Wireshark 0.99.7 through 1.0.4 allows remote attackers to cause a denial of service (infinite loop) via unspecified vectors.
- CVE-2009-0601Feb 16, 2009risk 0.00cvss —epss 0.00
Format string vulnerability in Wireshark 0.99.8 through 1.0.5 on non-Windows platforms allows local users to cause a denial of service (application crash) via format string specifiers in the HOME environment variable.
- CVE-2009-0600Feb 16, 2009risk 0.00cvss —epss 0.02
Wireshark 0.99.6 through 1.0.5 allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted Tektronix K12 text capture file, as demonstrated by a file with exactly one frame.
- CVE-2009-0599Feb 16, 2009risk 0.00cvss —epss 0.03
Buffer overflow in wiretap/netscreen.c in Wireshark 0.99.7 through 1.0.5 allows user-assisted remote attackers to cause a denial of service (application crash) via a malformed NetScreen snoop file.
- CVE-2008-5285Dec 1, 2008risk 0.00cvss —epss 0.02
Wireshark 1.0.4 and earlier allows remote attackers to cause a denial of service via a long SMTP request, which triggers an infinite loop.
- CVE-2008-4685Oct 22, 2008risk 0.00cvss —epss 0.02
Use-after-free vulnerability in the dissect_q931_cause_ie function in packet-q931.c in the Q.931 dissector in Wireshark 0.10.3 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via certain packets that trigger an exception.
- CVE-2008-4684Oct 22, 2008risk 0.00cvss —epss 0.02
packet-frame in Wireshark 0.99.2 through 1.0.3 does not properly handle exceptions thrown by post dissectors, which allows remote attackers to cause a denial of service (application crash) via a certain series of packets, as demonstrated by enabling the (1) PRP or (2) MATE post…
- CVE-2008-4683Oct 22, 2008risk 0.00cvss —epss 0.02
The dissect_btacl function in packet-bthci_acl.c in the Bluetooth ACL dissector in Wireshark 0.99.2 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via a packet with an invalid length, related to an erroneous tvb_memcpy call.
- CVE-2008-4681Oct 22, 2008risk 0.00cvss —epss 0.02
Unspecified vulnerability in the Bluetooth RFCOMM dissector in Wireshark 0.99.7 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via unknown packets.
- CVE-2008-4680Oct 22, 2008risk 0.00cvss —epss 0.03
packet-usb.c in the USB dissector in Wireshark 0.99.7 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via a malformed USB Request Block (URB).
- CVE-2008-3933Sep 4, 2008risk 0.00cvss —epss 0.01
Wireshark (formerly Ethereal) 0.10.14 through 1.0.2 allows attackers to cause a denial of service (crash) via a packet with crafted zlib-compressed data that triggers an invalid read in the tvb_uncompress function.
- CVE-2008-3932Sep 4, 2008risk 0.00cvss —epss 0.02
Wireshark (formerly Ethereal) 0.9.7 through 1.0.2 allows attackers to cause a denial of service (hang) via a crafted NCP packet that triggers an infinite loop.
- CVE-2008-3934Sep 4, 2008risk 0.00cvss —epss 0.01
Unspecified vulnerability in Wireshark (formerly Ethereal) 0.99.6 through 1.0.2 allows attackers to cause a denial of service (crash) via a crafted Tektronix .rf5 file.
- CVE-2008-3146Sep 2, 2008risk 0.00cvss —epss 0.04
Multiple buffer overflows in packet_ncp2222.inc in Wireshark (formerly Ethereal) 0.9.7 through 1.0.2 allow attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted NCP packet that causes an invalid pointer to be used.
- CVE-2008-3145Jul 16, 2008risk 0.00cvss —epss 0.02
The fragment_add_work function in epan/reassemble.c in Wireshark 0.8.19 through 1.0.1 allows remote attackers to cause a denial of service (crash) via a series of fragmented packets with non-sequential fragmentation offset values, which lead to a buffer over-read.
- CVE-2008-3138Jul 10, 2008risk 0.00cvss —epss 0.02
The (1) PANA and (2) KISMET dissectors in Wireshark (formerly Ethereal) 0.99.3 through 1.0.0 allow remote attackers to cause a denial of service (application stop) via unknown vectors.
- CVE-2008-3137Jul 10, 2008risk 0.00cvss —epss 0.02
The GSM SMS dissector in Wireshark (formerly Ethereal) 0.99.2 through 1.0.0 allows remote attackers to cause a denial of service (application crash) via unknown vectors.
- CVE-2008-3139Jul 10, 2008risk 0.00cvss —epss 0.03
The RTMPT dissector in Wireshark (formerly Ethereal) 0.99.8 through 1.0.0 allows remote attackers to cause a denial of service (crash) via unknown vectors. NOTE: this might be due to a use-after-free error.
- CVE-2008-3141Jul 10, 2008risk 0.00cvss —epss 0.01
Unspecified vulnerability in the RMI dissector in Wireshark (formerly Ethereal) 0.9.5 through 1.0.0 allows remote attackers to read system memory via unspecified vectors.
- CVE-2008-1071Feb 28, 2008risk 0.00cvss —epss 0.02
The SNMP dissector in Wireshark (formerly Ethereal) 0.99.6 through 0.99.7 allows remote attackers to cause a denial of service (crash) via a malformed packet.
Page 14 of 15