Filtered by vendor Wireshark
Subscribe
Total
649 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2011-1142 | 1 Wireshark | 1 Wireshark | 2024-02-04 | 5.0 MEDIUM | N/A |
Stack consumption vulnerability in the dissect_ber_choice function in the BER dissector in Wireshark 1.2.x through 1.2.15 and 1.4.x through 1.4.4 might allow remote attackers to cause a denial of service (infinite loop) via vectors involving self-referential ASN.1 CHOICE values. | |||||
CVE-2011-1143 | 1 Wireshark | 1 Wireshark | 2024-02-04 | 4.3 MEDIUM | N/A |
epan/dissectors/packet-ntlmssp.c in the NTLMSSP dissector in Wireshark before 1.4.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted .pcap file. | |||||
CVE-2010-4301 | 1 Wireshark | 1 Wireshark | 2024-02-04 | 5.0 MEDIUM | N/A |
epan/dissectors/packet-zbee-zcl.c in the ZigBee ZCL dissector in Wireshark 1.4.0 through 1.4.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted ZCL packet, related to Discover Attributes. | |||||
CVE-2011-1957 | 1 Wireshark | 1 Wireshark | 2024-02-04 | 4.3 MEDIUM | N/A |
The dissect_dcm_main function in epan/dissectors/packet-dcm.c in the DICOM dissector in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service (infinite loop) via an invalid PDU length. | |||||
CVE-2011-2174 | 1 Wireshark | 1 Wireshark | 2024-02-04 | 4.3 MEDIUM | N/A |
Double free vulnerability in the tvb_uncompress function in epan/tvbuff.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service (application crash) via a packet with malformed data that uses zlib compression. | |||||
CVE-2010-2286 | 1 Wireshark | 1 Wireshark | 2024-02-04 | 3.3 LOW | N/A |
The SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.7 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors. | |||||
CVE-2011-1140 | 1 Wireshark | 1 Wireshark | 2024-02-04 | 4.3 MEDIUM | N/A |
Multiple stack consumption vulnerabilities in the dissect_ms_compressed_string and dissect_mscldap_string functions in Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3 allow remote attackers to cause a denial of service (infinite recursion) via a crafted (1) SMB or (2) Connection-less LDAP (CLDAP) packet. | |||||
CVE-2011-1138 | 1 Wireshark | 1 Wireshark | 2024-02-04 | 4.3 MEDIUM | N/A |
Off-by-one error in the dissect_6lowpan_iphc function in packet-6lowpan.c in Wireshark 1.4.0 through 1.4.3 on 32-bit platforms allows remote attackers to cause a denial of service (application crash) via a malformed 6LoWPAN IPv6 packet. | |||||
CVE-2011-2175 | 1 Wireshark | 1 Wireshark | 2024-02-04 | 4.3 MEDIUM | N/A |
Integer underflow in the visual_read function in wiretap/visual.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service (application crash) via a malformed Visual Networks file that triggers a heap-based buffer over-read. | |||||
CVE-2010-3133 | 1 Wireshark | 1 Wireshark | 2024-02-04 | 9.3 HIGH | N/A |
Untrusted search path vulnerability in Wireshark 0.8.4 through 1.0.15 and 1.2.0 through 1.2.10 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse airpcap.dll, and possibly other DLLs, that is located in the same folder as a file that automatically launches Wireshark. | |||||
CVE-2009-4378 | 2 Microsoft, Wireshark | 2 Windows, Wireshark | 2024-02-04 | 4.3 MEDIUM | N/A |
The IPMI dissector in Wireshark 1.2.0 through 1.2.4 on Windows allows remote attackers to cause a denial of service (crash) via a crafted packet, related to "formatting a date/time using strftime." | |||||
CVE-2011-0024 | 1 Wireshark | 1 Wireshark | 2024-02-04 | 9.3 HIGH | N/A |
Heap-based buffer overflow in wiretap/pcapng.c in Wireshark before 1.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted capture file. | |||||
CVE-2009-4377 | 1 Wireshark | 1 Wireshark | 2024-02-04 | 4.3 MEDIUM | N/A |
The (1) SMB and (2) SMB2 dissectors in Wireshark 0.9.0 through 1.2.4 allow remote attackers to cause a denial of service (crash) via a crafted packet that triggers a NULL pointer dereference, as demonstrated by fuzz-2009-12-07-11141.pcap. | |||||
CVE-2011-3266 | 1 Wireshark | 1 Wireshark | 2024-02-04 | 2.6 LOW | N/A |
The proto_tree_add_item function in Wireshark 1.6.0 through 1.6.1 and 1.4.0 through 1.4.8, when the IKEv1 protocol dissector is used, allows user-assisted remote attackers to cause a denial of service (infinite loop) via vectors involving a malformed IKE packet and many items in a tree. | |||||
CVE-2011-1958 | 1 Wireshark | 1 Wireshark | 2024-02-04 | 4.3 MEDIUM | N/A |
Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows user-assisted remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted Diameter dictionary file. | |||||
CVE-2011-1959 | 1 Wireshark | 1 Wireshark | 2024-02-04 | 4.3 MEDIUM | N/A |
The snoop_read function in wiretap/snoop.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 does not properly handle certain virtualizable buffers, which allows remote attackers to cause a denial of service (application crash) via a large length value in a snoop file that triggers a stack-based buffer over-read. | |||||
CVE-2009-4376 | 1 Wireshark | 1 Wireshark | 2024-02-04 | 9.3 HIGH | N/A |
Buffer overflow in the daintree_sna_read function in the Daintree SNA file parser in Wireshark 1.2.0 through 1.2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet. | |||||
CVE-2011-4102 | 1 Wireshark | 1 Wireshark | 2024-02-04 | 4.3 MEDIUM | N/A |
Heap-based buffer overflow in the erf_read_header function in wiretap/erf.c in the ERF file parser in Wireshark 1.4.0 through 1.4.9 and 1.6.x before 1.6.3 allows remote attackers to cause a denial of service (application crash) via a malformed file. | |||||
CVE-2010-2283 | 1 Wireshark | 1 Wireshark | 2024-02-04 | 3.3 LOW | N/A |
The SMB dissector in Wireshark 0.99.6 through 1.0.13, and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (NULL pointer dereference) via unknown vectors. | |||||
CVE-2011-0538 | 1 Wireshark | 1 Wireshark | 2024-02-04 | 6.8 MEDIUM | N/A |
Wireshark 1.2.0 through 1.2.14, 1.4.0 through 1.4.3, and 1.5.0 frees an uninitialized pointer during processing of a .pcap file in the pcap-ng format, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a malformed file. |