Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2011-1140

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-03 Mar, 2011 | 00:00
Updated At-06 Aug, 2024 | 22:14
Rejected At-
Credits

Multiple stack consumption vulnerabilities in the dissect_ms_compressed_string and dissect_mscldap_string functions in Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3 allow remote attackers to cause a denial of service (infinite recursion) via a crafted (1) SMB or (2) Connection-less LDAP (CLDAP) packet.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:03 Mar, 2011 | 00:00
Updated At:06 Aug, 2024 | 22:14
Rejected At:
▼CVE Numbering Authority (CNA)

Multiple stack consumption vulnerabilities in the dissect_ms_compressed_string and dissect_mscldap_string functions in Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3 allow remote attackers to cause a denial of service (infinite recursion) via a crafted (1) SMB or (2) Connection-less LDAP (CLDAP) packet.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://hermes.opensuse.org/messages/8086844
vendor-advisory
x_refsource_SUSE
http://secunia.com/advisories/43759
third-party-advisory
x_refsource_SECUNIA
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055364.html
vendor-advisory
x_refsource_FEDORA
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055664.html
vendor-advisory
x_refsource_FEDORA
http://www.wireshark.org/docs/relnotes/wireshark-1.2.15.html
x_refsource_CONFIRM
http://www.vupen.com/english/advisories/2011/0747
vdb-entry
x_refsource_VUPEN
http://secunia.com/advisories/44169
third-party-advisory
x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2011/0626
vdb-entry
x_refsource_VUPEN
http://secunia.com/advisories/43795
third-party-advisory
x_refsource_SECUNIA
http://www.kb.cert.org/vuls/id/215900
third-party-advisory
x_refsource_CERT-VN
http://anonsvn.wireshark.org/viewvc?view=rev&revision=36029
x_refsource_CONFIRM
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14715
vdb-entry
signature
x_refsource_OVAL
http://www.redhat.com/support/errata/RHSA-2011-0370.html
vendor-advisory
x_refsource_REDHAT
http://www.vupen.com/english/advisories/2011/0719
vdb-entry
x_refsource_VUPEN
http://www.wireshark.org/docs/relnotes/wireshark-1.4.4.html
x_refsource_CONFIRM
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055650.html
vendor-advisory
x_refsource_FEDORA
http://www.wireshark.org/security/wnpa-sec-2011-04.html
x_refsource_CONFIRM
http://www.vupen.com/english/advisories/2011/0622
vdb-entry
x_refsource_VUPEN
http://www.wireshark.org/security/wnpa-sec-2011-03.html
x_refsource_CONFIRM
http://www.redhat.com/support/errata/RHSA-2011-0369.html
vendor-advisory
x_refsource_REDHAT
http://www.mandriva.com/security/advisories?name=MDVSA-2011:044
vendor-advisory
x_refsource_MANDRIVA
http://www.securitytracker.com/id?1025148
vdb-entry
x_refsource_SECTRACK
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5717
x_refsource_CONFIRM
http://www.debian.org/security/2011/dsa-2201
vendor-advisory
x_refsource_DEBIAN
http://secunia.com/advisories/43821
third-party-advisory
x_refsource_SECUNIA
Hyperlink: https://hermes.opensuse.org/messages/8086844
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://secunia.com/advisories/43759
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055364.html
Resource:
vendor-advisory
x_refsource_FEDORA
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055664.html
Resource:
vendor-advisory
x_refsource_FEDORA
Hyperlink: http://www.wireshark.org/docs/relnotes/wireshark-1.2.15.html
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.vupen.com/english/advisories/2011/0747
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://secunia.com/advisories/44169
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.vupen.com/english/advisories/2011/0626
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://secunia.com/advisories/43795
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.kb.cert.org/vuls/id/215900
Resource:
third-party-advisory
x_refsource_CERT-VN
Hyperlink: http://anonsvn.wireshark.org/viewvc?view=rev&revision=36029
Resource:
x_refsource_CONFIRM
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14715
Resource:
vdb-entry
signature
x_refsource_OVAL
Hyperlink: http://www.redhat.com/support/errata/RHSA-2011-0370.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://www.vupen.com/english/advisories/2011/0719
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://www.wireshark.org/docs/relnotes/wireshark-1.4.4.html
Resource:
x_refsource_CONFIRM
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055650.html
Resource:
vendor-advisory
x_refsource_FEDORA
Hyperlink: http://www.wireshark.org/security/wnpa-sec-2011-04.html
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.vupen.com/english/advisories/2011/0622
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://www.wireshark.org/security/wnpa-sec-2011-03.html
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.redhat.com/support/errata/RHSA-2011-0369.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2011:044
Resource:
vendor-advisory
x_refsource_MANDRIVA
Hyperlink: http://www.securitytracker.com/id?1025148
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5717
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.debian.org/security/2011/dsa-2201
Resource:
vendor-advisory
x_refsource_DEBIAN
Hyperlink: http://secunia.com/advisories/43821
Resource:
third-party-advisory
x_refsource_SECUNIA
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://hermes.opensuse.org/messages/8086844
vendor-advisory
x_refsource_SUSE
x_transferred
http://secunia.com/advisories/43759
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055364.html
vendor-advisory
x_refsource_FEDORA
x_transferred
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055664.html
vendor-advisory
x_refsource_FEDORA
x_transferred
http://www.wireshark.org/docs/relnotes/wireshark-1.2.15.html
x_refsource_CONFIRM
x_transferred
http://www.vupen.com/english/advisories/2011/0747
vdb-entry
x_refsource_VUPEN
x_transferred
http://secunia.com/advisories/44169
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.vupen.com/english/advisories/2011/0626
vdb-entry
x_refsource_VUPEN
x_transferred
http://secunia.com/advisories/43795
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.kb.cert.org/vuls/id/215900
third-party-advisory
x_refsource_CERT-VN
x_transferred
http://anonsvn.wireshark.org/viewvc?view=rev&revision=36029
x_refsource_CONFIRM
x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14715
vdb-entry
signature
x_refsource_OVAL
x_transferred
http://www.redhat.com/support/errata/RHSA-2011-0370.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://www.vupen.com/english/advisories/2011/0719
vdb-entry
x_refsource_VUPEN
x_transferred
http://www.wireshark.org/docs/relnotes/wireshark-1.4.4.html
x_refsource_CONFIRM
x_transferred
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055650.html
vendor-advisory
x_refsource_FEDORA
x_transferred
http://www.wireshark.org/security/wnpa-sec-2011-04.html
x_refsource_CONFIRM
x_transferred
http://www.vupen.com/english/advisories/2011/0622
vdb-entry
x_refsource_VUPEN
x_transferred
http://www.wireshark.org/security/wnpa-sec-2011-03.html
x_refsource_CONFIRM
x_transferred
http://www.redhat.com/support/errata/RHSA-2011-0369.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://www.mandriva.com/security/advisories?name=MDVSA-2011:044
vendor-advisory
x_refsource_MANDRIVA
x_transferred
http://www.securitytracker.com/id?1025148
vdb-entry
x_refsource_SECTRACK
x_transferred
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5717
x_refsource_CONFIRM
x_transferred
http://www.debian.org/security/2011/dsa-2201
vendor-advisory
x_refsource_DEBIAN
x_transferred
http://secunia.com/advisories/43821
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: https://hermes.opensuse.org/messages/8086844
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://secunia.com/advisories/43759
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055364.html
Resource:
vendor-advisory
x_refsource_FEDORA
x_transferred
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055664.html
Resource:
vendor-advisory
x_refsource_FEDORA
x_transferred
Hyperlink: http://www.wireshark.org/docs/relnotes/wireshark-1.2.15.html
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2011/0747
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://secunia.com/advisories/44169
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2011/0626
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://secunia.com/advisories/43795
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.kb.cert.org/vuls/id/215900
Resource:
third-party-advisory
x_refsource_CERT-VN
x_transferred
Hyperlink: http://anonsvn.wireshark.org/viewvc?view=rev&revision=36029
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14715
Resource:
vdb-entry
signature
x_refsource_OVAL
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2011-0370.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2011/0719
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://www.wireshark.org/docs/relnotes/wireshark-1.4.4.html
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055650.html
Resource:
vendor-advisory
x_refsource_FEDORA
x_transferred
Hyperlink: http://www.wireshark.org/security/wnpa-sec-2011-04.html
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2011/0622
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://www.wireshark.org/security/wnpa-sec-2011-03.html
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2011-0369.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2011:044
Resource:
vendor-advisory
x_refsource_MANDRIVA
x_transferred
Hyperlink: http://www.securitytracker.com/id?1025148
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5717
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.debian.org/security/2011/dsa-2201
Resource:
vendor-advisory
x_refsource_DEBIAN
x_transferred
Hyperlink: http://secunia.com/advisories/43821
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:03 Mar, 2011 | 01:00
Updated At:11 Apr, 2025 | 00:51

Multiple stack consumption vulnerabilities in the dissect_ms_compressed_string and dissect_mscldap_string functions in Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3 allow remote attackers to cause a denial of service (infinite recursion) via a crafted (1) SMB or (2) Connection-less LDAP (CLDAP) packet.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.04.3MEDIUM
AV:N/AC:M/Au:N/C:N/I:N/A:P
Type: Primary
Version: 2.0
Base score: 4.3
Base severity: MEDIUM
Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:P
CPE Matches
Wireshark Foundation
wireshark
>>wireshark>>1.0
cpe:2.3:a:wireshark:wireshark:1.0:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.0.0
cpe:2.3:a:wireshark:wireshark:1.0.0:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.0.1
cpe:2.3:a:wireshark:wireshark:1.0.1:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.0.2
cpe:2.3:a:wireshark:wireshark:1.0.2:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.0.3
cpe:2.3:a:wireshark:wireshark:1.0.3:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.0.4
cpe:2.3:a:wireshark:wireshark:1.0.4:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.0.5
cpe:2.3:a:wireshark:wireshark:1.0.5:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.0.6
cpe:2.3:a:wireshark:wireshark:1.0.6:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.0.7
cpe:2.3:a:wireshark:wireshark:1.0.7:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.0.8
cpe:2.3:a:wireshark:wireshark:1.0.8:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.0.9
cpe:2.3:a:wireshark:wireshark:1.0.9:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.0.10
cpe:2.3:a:wireshark:wireshark:1.0.10:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.0.11
cpe:2.3:a:wireshark:wireshark:1.0.11:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.0.12
cpe:2.3:a:wireshark:wireshark:1.0.12:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.0.13
cpe:2.3:a:wireshark:wireshark:1.0.13:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.0.14
cpe:2.3:a:wireshark:wireshark:1.0.14:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.0.15
cpe:2.3:a:wireshark:wireshark:1.0.15:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.0.16
cpe:2.3:a:wireshark:wireshark:1.0.16:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.2.0
cpe:2.3:a:wireshark:wireshark:1.2.0:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.2.1
cpe:2.3:a:wireshark:wireshark:1.2.1:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.2.2
cpe:2.3:a:wireshark:wireshark:1.2.2:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.2.3
cpe:2.3:a:wireshark:wireshark:1.2.3:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.2.4
cpe:2.3:a:wireshark:wireshark:1.2.4:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.2.5
cpe:2.3:a:wireshark:wireshark:1.2.5:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.2.6
cpe:2.3:a:wireshark:wireshark:1.2.6:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.2.7
cpe:2.3:a:wireshark:wireshark:1.2.7:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.2.8
cpe:2.3:a:wireshark:wireshark:1.2.8:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.2.9
cpe:2.3:a:wireshark:wireshark:1.2.9:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.2.10
cpe:2.3:a:wireshark:wireshark:1.2.10:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.2.11
cpe:2.3:a:wireshark:wireshark:1.2.11:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.2.12
cpe:2.3:a:wireshark:wireshark:1.2.12:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.2.13
cpe:2.3:a:wireshark:wireshark:1.2.13:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.2.14
cpe:2.3:a:wireshark:wireshark:1.2.14:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.4.0
cpe:2.3:a:wireshark:wireshark:1.4.0:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.4.1
cpe:2.3:a:wireshark:wireshark:1.4.1:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.4.2
cpe:2.3:a:wireshark:wireshark:1.4.2:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.4.3
cpe:2.3:a:wireshark:wireshark:1.4.3:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-399Primarynvd@nist.gov
CWE ID: CWE-399
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://anonsvn.wireshark.org/viewvc?view=rev&revision=36029cve@mitre.org
Patch
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055364.htmlcve@mitre.org
N/A
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055650.htmlcve@mitre.org
N/A
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055664.htmlcve@mitre.org
N/A
http://secunia.com/advisories/43759cve@mitre.org
N/A
http://secunia.com/advisories/43795cve@mitre.org
N/A
http://secunia.com/advisories/43821cve@mitre.org
N/A
http://secunia.com/advisories/44169cve@mitre.org
N/A
http://www.debian.org/security/2011/dsa-2201cve@mitre.org
N/A
http://www.kb.cert.org/vuls/id/215900cve@mitre.org
US Government Resource
http://www.mandriva.com/security/advisories?name=MDVSA-2011:044cve@mitre.org
N/A
http://www.redhat.com/support/errata/RHSA-2011-0369.htmlcve@mitre.org
N/A
http://www.redhat.com/support/errata/RHSA-2011-0370.htmlcve@mitre.org
N/A
http://www.securitytracker.com/id?1025148cve@mitre.org
N/A
http://www.vupen.com/english/advisories/2011/0622cve@mitre.org
N/A
http://www.vupen.com/english/advisories/2011/0626cve@mitre.org
N/A
http://www.vupen.com/english/advisories/2011/0719cve@mitre.org
N/A
http://www.vupen.com/english/advisories/2011/0747cve@mitre.org
N/A
http://www.wireshark.org/docs/relnotes/wireshark-1.2.15.htmlcve@mitre.org
Patch
http://www.wireshark.org/docs/relnotes/wireshark-1.4.4.htmlcve@mitre.org
Patch
http://www.wireshark.org/security/wnpa-sec-2011-03.htmlcve@mitre.org
Vendor Advisory
http://www.wireshark.org/security/wnpa-sec-2011-04.htmlcve@mitre.org
Vendor Advisory
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5717cve@mitre.org
Exploit
https://hermes.opensuse.org/messages/8086844cve@mitre.org
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14715cve@mitre.org
N/A
http://anonsvn.wireshark.org/viewvc?view=rev&revision=36029af854a3a-2127-422b-91ae-364da2661108
Patch
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055364.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055650.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055664.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/43759af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/43795af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/43821af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/44169af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.debian.org/security/2011/dsa-2201af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.kb.cert.org/vuls/id/215900af854a3a-2127-422b-91ae-364da2661108
US Government Resource
http://www.mandriva.com/security/advisories?name=MDVSA-2011:044af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.redhat.com/support/errata/RHSA-2011-0369.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.redhat.com/support/errata/RHSA-2011-0370.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securitytracker.com/id?1025148af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vupen.com/english/advisories/2011/0622af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vupen.com/english/advisories/2011/0626af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vupen.com/english/advisories/2011/0719af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vupen.com/english/advisories/2011/0747af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.wireshark.org/docs/relnotes/wireshark-1.2.15.htmlaf854a3a-2127-422b-91ae-364da2661108
Patch
http://www.wireshark.org/docs/relnotes/wireshark-1.4.4.htmlaf854a3a-2127-422b-91ae-364da2661108
Patch
http://www.wireshark.org/security/wnpa-sec-2011-03.htmlaf854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.wireshark.org/security/wnpa-sec-2011-04.htmlaf854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5717af854a3a-2127-422b-91ae-364da2661108
Exploit
https://hermes.opensuse.org/messages/8086844af854a3a-2127-422b-91ae-364da2661108
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14715af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://anonsvn.wireshark.org/viewvc?view=rev&revision=36029
Source: cve@mitre.org
Resource:
Patch
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055364.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055650.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055664.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/43759
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/43795
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/43821
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/44169
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.debian.org/security/2011/dsa-2201
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.kb.cert.org/vuls/id/215900
Source: cve@mitre.org
Resource:
US Government Resource
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2011:044
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2011-0369.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2011-0370.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securitytracker.com/id?1025148
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2011/0622
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2011/0626
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2011/0719
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2011/0747
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.wireshark.org/docs/relnotes/wireshark-1.2.15.html
Source: cve@mitre.org
Resource:
Patch
Hyperlink: http://www.wireshark.org/docs/relnotes/wireshark-1.4.4.html
Source: cve@mitre.org
Resource:
Patch
Hyperlink: http://www.wireshark.org/security/wnpa-sec-2011-03.html
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://www.wireshark.org/security/wnpa-sec-2011-04.html
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5717
Source: cve@mitre.org
Resource:
Exploit
Hyperlink: https://hermes.opensuse.org/messages/8086844
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14715
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://anonsvn.wireshark.org/viewvc?view=rev&revision=36029
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055364.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055650.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055664.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/43759
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/43795
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/43821
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/44169
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.debian.org/security/2011/dsa-2201
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.kb.cert.org/vuls/id/215900
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
US Government Resource
Hyperlink: http://www.mandriva.com/security/advisories?name=MDVSA-2011:044
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2011-0369.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2011-0370.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securitytracker.com/id?1025148
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2011/0622
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2011/0626
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2011/0719
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2011/0747
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.wireshark.org/docs/relnotes/wireshark-1.2.15.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Hyperlink: http://www.wireshark.org/docs/relnotes/wireshark-1.4.4.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Hyperlink: http://www.wireshark.org/security/wnpa-sec-2011-03.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://www.wireshark.org/security/wnpa-sec-2011-04.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5717
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Hyperlink: https://hermes.opensuse.org/messages/8086844
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14715
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

183Records found
CVE-2015-6246
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.66% / 70.21%
||
7 Day CHG~0.00%
Published-24 Aug, 2015 | 23:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The dissect_wa_payload function in epan/dissectors/packet-waveagent.c in the WaveAgent dissector in Wireshark 1.12.x before 1.12.7 mishandles large tag values, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

Action-Not Available
Vendor-n/aWireshark FoundationOracle Corporation
Product-wiresharklinuxsolarisn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2007-6451
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4.3||MEDIUM
EPSS-2.31% / 84.13%
||
7 Day CHG~0.00%
Published-19 Dec, 2007 | 22:00
Updated-07 Aug, 2024 | 16:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the CIP dissector in Wireshark (formerly Ethereal) 0.9.14 to 0.99.6 allows remote attackers to cause a denial of service (crash) via unknown vectors that trigger allocation of large amounts of memory.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-399
Not Available
CVE-2015-4652
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.42% / 61.17%
||
7 Day CHG~0.00%
Published-22 Jul, 2015 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

epan/dissectors/packet-gsm_a_dtap.c in the GSM DTAP dissector in Wireshark 1.12.x before 1.12.6 does not properly validate digit characters, which allows remote attackers to cause a denial of service (application crash) via a crafted packet, related to the de_emerg_num_list and de_bcd_num functions.

Action-Not Available
Vendor-n/aWireshark FoundationDebian GNU/Linux
Product-wiresharkdebian_linuxn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2007-6113
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4.3||MEDIUM
EPSS-9.38% / 92.46%
||
7 Day CHG~0.00%
Published-23 Nov, 2007 | 20:00
Updated-07 Aug, 2024 | 15:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer signedness error in the DNP3 dissector in Wireshark (formerly Ethereal) 0.10.12 to 0.99.6 allows remote attackers to cause a denial of service (long loop) via a malformed DNP3 packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-189
Not Available
CVE-2015-3182
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.09% / 25.89%
||
7 Day CHG~0.00%
Published-04 Jan, 2016 | 02:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

epan/dissectors/packet-dec-dnart.c in the DECnet NSP/RT dissector in Wireshark 1.10.12 through 1.10.14 mishandles a certain strdup return value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2007-0458
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4.3||MEDIUM
EPSS-1.50% / 80.40%
||
7 Day CHG~0.00%
Published-02 Feb, 2007 | 20:00
Updated-07 Aug, 2024 | 12:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the HTTP dissector in Wireshark (formerly Ethereal) 0.99.3 and 0.99.4 allows remote attackers to cause a denial of service (application crash) via unspecified vectors, a different issue than CVE-2006-5468.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CVE-2016-9374
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.9||MEDIUM
EPSS-1.22% / 78.20%
||
7 Day CHG~0.00%
Published-17 Nov, 2016 | 05:48
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the AllJoyn dissector could crash with a buffer over-read, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-alljoyn.c by ensuring that a length variable properly tracked the state of a signature variable.

Action-Not Available
Vendor-n/aWireshark FoundationDebian GNU/Linux
Product-wiresharkdebian_linuxn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2007-0457
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4.3||MEDIUM
EPSS-1.50% / 80.40%
||
7 Day CHG~0.00%
Published-02 Feb, 2007 | 20:00
Updated-07 Aug, 2024 | 12:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the IEEE 802.11 dissector in Wireshark (formerly Ethereal) 0.10.14 through 0.99.4 allows remote attackers to cause a denial of service (application crash) via unspecified vectors.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CVE-2007-0456
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4.3||MEDIUM
EPSS-1.50% / 80.40%
||
7 Day CHG~0.00%
Published-02 Feb, 2007 | 20:00
Updated-07 Aug, 2024 | 12:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the LLT dissector in Wireshark (formerly Ethereal) 0.99.3 and 0.99.4 allows remote attackers to cause a denial of service (application crash) via unspecified vectors.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CVE-2006-4330
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4.3||MEDIUM
EPSS-11.53% / 93.35%
||
7 Day CHG~0.00%
Published-24 Aug, 2006 | 20:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the SCSI dissector in Wireshark (formerly Ethereal) 0.99.2 allows remote attackers to cause a denial of service (crash) via unspecified vectors.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CVE-2016-6512
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.9||MEDIUM
EPSS-1.89% / 82.45%
||
7 Day CHG~0.00%
Published-06 Aug, 2016 | 23:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

epan/dissectors/packet-wap.c in Wireshark 2.x before 2.0.5 omits an overflow check in the tvb_get_guintvar function, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet, related to the MMSE, WAP, WBXML, and WSP dissectors.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2016-6507
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.9||MEDIUM
EPSS-0.18% / 40.27%
||
7 Day CHG~0.00%
Published-06 Aug, 2016 | 23:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

epan/dissectors/packet-mmse.c in the MMSE dissector in Wireshark 1.12.x before 1.12.13 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CVE-2016-7177
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.9||MEDIUM
EPSS-0.31% / 53.48%
||
7 Day CHG~0.00%
Published-09 Sep, 2016 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

epan/dissectors/packet-catapult-dct2000.c in the Catapult DCT2000 dissector in Wireshark 2.x before 2.0.6 does not restrict the number of channels, which allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted packet.

Action-Not Available
Vendor-n/aWireshark FoundationDebian GNU/Linux
Product-wiresharkdebian_linuxn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-6509
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.9||MEDIUM
EPSS-0.21% / 43.61%
||
7 Day CHG~0.00%
Published-06 Aug, 2016 | 23:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

epan/dissectors/packet-ldss.c in the LDSS dissector in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 mishandles conversations, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2016-5356
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.9||MEDIUM
EPSS-0.81% / 73.19%
||
7 Day CHG~0.00%
Published-07 Aug, 2016 | 16:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

wiretap/cosine.c in the CoSine file parser in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles sscanf unsigned-integer processing, which allows remote attackers to cause a denial of service (application crash) via a crafted file.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-4418
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.9||MEDIUM
EPSS-0.16% / 37.89%
||
7 Day CHG~0.00%
Published-01 May, 2016 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.12.x before 1.12.10 and 2.x before 2.0.2 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted packet that triggers an empty set.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-4082
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.9||MEDIUM
EPSS-0.23% / 45.50%
||
7 Day CHG~0.00%
Published-25 Apr, 2016 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

epan/dissectors/packet-gsm_cbch.c in the GSM CBCH dissector in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 uses the wrong variable to index an array, which allows remote attackers to cause a denial of service (out-of-bounds access and application crash) via a crafted packet.

Action-Not Available
Vendor-n/aWireshark FoundationDebian GNU/LinuxOracle Corporation
Product-wiresharkdebian_linuxsolarisn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-4076
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.9||MEDIUM
EPSS-0.17% / 38.43%
||
7 Day CHG~0.00%
Published-25 Apr, 2016 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 2.0.x before 2.0.3 does not properly initialize memory for search patterns, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-284
Improper Access Control
CVE-2016-4084
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.9||MEDIUM
EPSS-0.16% / 37.89%
||
7 Day CHG~0.00%
Published-25 Apr, 2016 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer signedness error in epan/dissectors/packet-mswsp.c in the MS-WSP dissector in Wireshark 2.0.x before 2.0.3 allows remote attackers to cause a denial of service (integer overflow and application crash) via a crafted packet that triggers an unexpected array size.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CVE-2016-2529
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.17% / 38.50%
||
7 Day CHG~0.00%
Published-28 Feb, 2016 | 02:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The iseries_check_file_type function in wiretap/iseries.c in the iSeries file parser in Wireshark 2.0.x before 2.0.2 does not consider that a line may lack the "OBJECT PROTOCOL" substring, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-2527
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.18% / 40.46%
||
7 Day CHG~0.00%
Published-28 Feb, 2016 | 02:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

wiretap/nettrace_3gpp_32_423.c in the 3GPP TS 32.423 Trace file parser in Wireshark 2.0.x before 2.0.2 does not ensure that a '\0' character is present at the end of certain strings, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted file.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2014-4020
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.17% / 38.77%
||
7 Day CHG~0.00%
Published-18 Jun, 2014 | 16:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The dissect_frame function in epan/dissectors/packet-frame.c in the frame metadissector in Wireshark 1.10.x before 1.10.8 interprets a negative integer as a length value even though it was intended to represent an error condition, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CVE-2013-5722
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.27% / 50.18%
||
7 Day CHG~0.00%
Published-13 Sep, 2013 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the LDAP dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 allows remote attackers to cause a denial of service (application crash) via a crafted packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CVE-2013-5721
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.29% / 51.67%
||
7 Day CHG~0.00%
Published-13 Sep, 2013 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The dissect_mq_rr function in epan/dissectors/packet-mq.c in the MQ dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 does not properly determine when to enter a certain loop, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-5719
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.31% / 53.96%
||
7 Day CHG~0.00%
Published-13 Sep, 2013 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

epan/dissectors/packet-assa_r3.c in the ASSA R3 dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CVE-2013-6336
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.88% / 74.47%
||
7 Day CHG~0.00%
Published-04 Nov, 2013 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ieee802154_map_rec function in epan/dissectors/packet-ieee802154.c in the IEEE 802.15.4 dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 uses an incorrect pointer chain, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-5717
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.21% / 42.82%
||
7 Day CHG~0.00%
Published-13 Sep, 2013 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Bluetooth HCI ACL dissector in Wireshark 1.10.x before 1.10.2 does not properly maintain a certain free list, which allows remote attackers to cause a denial of service (application crash) via a crafted packet that is not properly handled by the wmem_block_alloc function in epan/wmem/wmem_allocator_block.c.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2014-2907
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.21% / 42.82%
||
7 Day CHG~0.00%
Published-24 Apr, 2014 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The srtp_add_address function in epan/dissectors/packet-rtp.c in the RTP dissector in Wireshark 1.10.x before 1.10.7 does not properly update SRTP conversation data, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CVE-2013-6339
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-1.14% / 77.47%
||
7 Day CHG~0.00%
Published-04 Nov, 2013 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The dissect_openwire_type function in epan/dissectors/packet-openwire.c in the OpenWire dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 allows remote attackers to cause a denial of service (loop) via a crafted packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2014-2281
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-3.33% / 86.77%
||
7 Day CHG~0.00%
Published-11 Mar, 2014 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The nfs_name_snoop_add_name function in epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 does not validate a certain length value, which allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted NFS packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2014-2282
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.57% / 67.62%
||
7 Day CHG~0.00%
Published-11 Mar, 2014 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The dissect_protocol_data_parameter function in epan/dissectors/packet-m3ua.c in the M3UA dissector in Wireshark 1.10.x before 1.10.6 does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) via a crafted SS7 MTP3 packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2013-4935
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-1.44% / 79.89%
||
7 Day CHG~0.00%
Published-29 Jul, 2013 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The dissect_per_length_determinant function in epan/dissectors/packet-per.c in the ASN.1 PER dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not initialize a length field in certain abnormal situations, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CVE-2014-2283
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-2.41% / 84.46%
||
7 Day CHG~0.00%
Published-11 Mar, 2014 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

epan/dissectors/packet-rlc in the RLC dissector in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 uses inconsistent memory-management approaches, which allows remote attackers to cause a denial of service (use-after-free error and application crash) via a crafted UMTS Radio Link Control packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CVE-2013-6337
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.27% / 50.18%
||
7 Day CHG~0.00%
Published-04 Nov, 2013 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the NBAP dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 allows remote attackers to cause a denial of service (application crash) via a crafted packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CVE-2013-5718
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.88% / 74.47%
||
7 Day CHG~0.00%
Published-13 Sep, 2013 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The dissect_nbap_T_dCH_ID function in epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 does not restrict the dch_id value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CVE-2013-6338
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.88% / 74.47%
||
7 Day CHG~0.00%
Published-04 Nov, 2013 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The dissect_sip_common function in epan/dissectors/packet-sip.c in the SIP dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-6340
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.88% / 74.47%
||
7 Day CHG~0.00%
Published-04 Nov, 2013 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

epan/dissectors/packet-tcp.c in the TCP dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 does not properly determine the amount of remaining data, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2018-19626
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.29% / 52.00%
||
7 Day CHG~0.00%
Published-29 Nov, 2018 | 04:00
Updated-05 Aug, 2024 | 11:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the DCOM dissector could crash. This was addressed in epan/dissectors/packet-dcom.c by adding '\0' termination.

Action-Not Available
Vendor-n/aWireshark FoundationDebian GNU/Linux
Product-wiresharkdebian_linuxn/a
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-908
Use of Uninitialized Resource
CVE-2012-3548
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4.3||MEDIUM
EPSS-0.49% / 64.67%
||
7 Day CHG~0.00%
Published-30 Aug, 2012 | 22:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The dissect_drda function in epan/dissectors/packet-drda.c in Wireshark 1.6.x through 1.6.10 and 1.8.x through 1.8.2 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a small value for a certain length field in a capture file.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CVE-2012-0067
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4.3||MEDIUM
EPSS-8.78% / 92.15%
||
7 Day CHG~0.00%
Published-11 Apr, 2012 | 10:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

wiretap/iptrace.c in Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows remote attackers to cause a denial of service (application crash) via a long packet in an AIX iptrace file.

Action-Not Available
Vendor-n/aRed Hat, Inc.Wireshark Foundation
Product-wiresharkenterprise_linuxn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2012-4286
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-2.19% / 83.70%
||
7 Day CHG~0.00%
Published-16 Aug, 2012 | 10:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The pcapng_read_packet_block function in wiretap/pcapng.c in the pcap-ng file parser in Wireshark 1.8.x before 1.8.2 allows user-assisted remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted pcap-ng file.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)Wireshark Foundation
Product-wiresharksunosn/a
CVE-2011-3483
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-7.69% / 91.53%
||
7 Day CHG~0.00%
Published-20 Sep, 2011 | 10:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Wireshark 1.6.x before 1.6.2 allows remote attackers to cause a denial of service (application crash) via a malformed capture file that leads to an invalid root tvbuff, related to a "buffer exception handling vulnerability."

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-2698
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4.3||MEDIUM
EPSS-1.93% / 82.64%
||
7 Day CHG~0.00%
Published-23 Aug, 2011 | 21:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Off-by-one error in the elem_cell_id_aux function in epan/dissectors/packet-ansi_a.c in the ANSI MAP dissector in Wireshark 1.4.x before 1.4.8 and 1.6.x before 1.6.1 allows remote attackers to cause a denial of service (infinite loop) via an invalid packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CVE-2011-1590
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4.3||MEDIUM
EPSS-2.47% / 84.66%
||
7 Day CHG~0.00%
Published-29 Apr, 2011 | 22:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The X.509if dissector in Wireshark 1.2.x before 1.2.16 and 1.4.x before 1.4.5 does not properly initialize certain global variables, which allows remote attackers to cause a denial of service (application crash) via a crafted .pcap file.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CVE-2011-1141
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-1.88% / 82.40%
||
7 Day CHG~0.00%
Published-03 Mar, 2011 | 00:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

epan/dissectors/packet-ldap.c in Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (memory consumption) via (1) a long LDAP filter string or (2) an LDAP filter string containing many elements.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CVE-2016-4006
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.9||MEDIUM
EPSS-0.20% / 41.92%
||
7 Day CHG~0.00%
Published-25 Apr, 2016 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

epan/proto.c in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 does not limit the protocol-tree depth, which allows remote attackers to cause a denial of service (stack memory consumption and application crash) via a crafted packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2015-8734
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.09% / 26.94%
||
7 Day CHG~0.00%
Published-04 Jan, 2016 | 02:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The dissect_nwp function in epan/dissectors/packet-nwp.c in the NWP dissector in Wireshark 2.0.x before 2.0.1 mishandles the packet type, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2015-6247
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.57% / 67.60%
||
7 Day CHG~0.00%
Published-24 Aug, 2015 | 23:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The dissect_openflow_tablemod_v5 function in epan/dissectors/packet-openflow_v5.c in the OpenFlow dissector in Wireshark 1.12.x before 1.12.7 does not validate a certain offset value, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.

Action-Not Available
Vendor-n/aWireshark FoundationOracle Corporation
Product-wiresharksolarisn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2019-9209
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.48% / 64.26%
||
7 Day CHG~0.00%
Published-28 Feb, 2019 | 04:00
Updated-04 Aug, 2024 | 21:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the ASN.1 BER and related dissectors could crash. This was addressed in epan/dissectors/packet-ber.c by preventing a buffer overflow associated with excessive digits in time values.

Action-Not Available
Vendor-n/aCanonical Ltd.Wireshark FoundationDebian GNU/LinuxopenSUSE
Product-wiresharkubuntu_linuxdebian_linuxleapn/a
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-193
Off-by-one Error
CVE-2019-5721
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.19% / 41.09%
||
7 Day CHG~0.00%
Published-08 Jan, 2019 | 23:00
Updated-04 Aug, 2024 | 20:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Wireshark 2.4.0 to 2.4.11, the ENIP dissector could crash. This was addressed in epan/dissectors/packet-enip.c by changing the memory-management approach so that a use-after-free is avoided.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-416
Use After Free
  • Previous
  • 1
  • 2
  • 3
  • 4
  • Next
Details not found