Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2011-1143

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-03 Mar, 2011 | 00:00
Updated At-06 Aug, 2024 | 22:14
Rejected At-
Credits

epan/dissectors/packet-ntlmssp.c in the NTLMSSP dissector in Wireshark before 1.4.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted .pcap file.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:03 Mar, 2011 | 00:00
Updated At:06 Aug, 2024 | 22:14
Rejected At:
▼CVE Numbering Authority (CNA)

epan/dissectors/packet-ntlmssp.c in the NTLMSSP dissector in Wireshark before 1.4.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted .pcap file.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5157
x_refsource_CONFIRM
https://hermes.opensuse.org/messages/8086844
vendor-advisory
x_refsource_SUSE
http://secunia.com/advisories/43759
third-party-advisory
x_refsource_SECUNIA
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055364.html
vendor-advisory
x_refsource_FEDORA
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055664.html
vendor-advisory
x_refsource_FEDORA
http://secunia.com/advisories/44169
third-party-advisory
x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2011/0626
vdb-entry
x_refsource_VUPEN
http://secunia.com/advisories/48947
third-party-advisory
x_refsource_SECUNIA
http://www.kb.cert.org/vuls/id/215900
third-party-advisory
x_refsource_CERT-VN
http://www.redhat.com/support/errata/RHSA-2011-0370.html
vendor-advisory
x_refsource_REDHAT
http://www.vupen.com/english/advisories/2011/0719
vdb-entry
x_refsource_VUPEN
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16209
vdb-entry
signature
x_refsource_OVAL
http://www.wireshark.org/docs/relnotes/wireshark-1.4.4.html
x_refsource_CONFIRM
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055650.html
vendor-advisory
x_refsource_FEDORA
http://www.securityfocus.com/bid/46796
vdb-entry
x_refsource_BID
http://anonsvn.wireshark.org/viewvc?view=rev&revision=34018
x_refsource_CONFIRM
http://www.securitytracker.com/id?1025148
vdb-entry
x_refsource_SECTRACK
http://secunia.com/advisories/43821
third-party-advisory
x_refsource_SECUNIA
Hyperlink: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5157
Resource:
x_refsource_CONFIRM
Hyperlink: https://hermes.opensuse.org/messages/8086844
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://secunia.com/advisories/43759
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055364.html
Resource:
vendor-advisory
x_refsource_FEDORA
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055664.html
Resource:
vendor-advisory
x_refsource_FEDORA
Hyperlink: http://secunia.com/advisories/44169
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.vupen.com/english/advisories/2011/0626
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://secunia.com/advisories/48947
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.kb.cert.org/vuls/id/215900
Resource:
third-party-advisory
x_refsource_CERT-VN
Hyperlink: http://www.redhat.com/support/errata/RHSA-2011-0370.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://www.vupen.com/english/advisories/2011/0719
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16209
Resource:
vdb-entry
signature
x_refsource_OVAL
Hyperlink: http://www.wireshark.org/docs/relnotes/wireshark-1.4.4.html
Resource:
x_refsource_CONFIRM
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055650.html
Resource:
vendor-advisory
x_refsource_FEDORA
Hyperlink: http://www.securityfocus.com/bid/46796
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://anonsvn.wireshark.org/viewvc?view=rev&revision=34018
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.securitytracker.com/id?1025148
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: http://secunia.com/advisories/43821
Resource:
third-party-advisory
x_refsource_SECUNIA
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5157
x_refsource_CONFIRM
x_transferred
https://hermes.opensuse.org/messages/8086844
vendor-advisory
x_refsource_SUSE
x_transferred
http://secunia.com/advisories/43759
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055364.html
vendor-advisory
x_refsource_FEDORA
x_transferred
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055664.html
vendor-advisory
x_refsource_FEDORA
x_transferred
http://secunia.com/advisories/44169
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.vupen.com/english/advisories/2011/0626
vdb-entry
x_refsource_VUPEN
x_transferred
http://secunia.com/advisories/48947
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.kb.cert.org/vuls/id/215900
third-party-advisory
x_refsource_CERT-VN
x_transferred
http://www.redhat.com/support/errata/RHSA-2011-0370.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://www.vupen.com/english/advisories/2011/0719
vdb-entry
x_refsource_VUPEN
x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16209
vdb-entry
signature
x_refsource_OVAL
x_transferred
http://www.wireshark.org/docs/relnotes/wireshark-1.4.4.html
x_refsource_CONFIRM
x_transferred
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055650.html
vendor-advisory
x_refsource_FEDORA
x_transferred
http://www.securityfocus.com/bid/46796
vdb-entry
x_refsource_BID
x_transferred
http://anonsvn.wireshark.org/viewvc?view=rev&revision=34018
x_refsource_CONFIRM
x_transferred
http://www.securitytracker.com/id?1025148
vdb-entry
x_refsource_SECTRACK
x_transferred
http://secunia.com/advisories/43821
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5157
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://hermes.opensuse.org/messages/8086844
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://secunia.com/advisories/43759
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055364.html
Resource:
vendor-advisory
x_refsource_FEDORA
x_transferred
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055664.html
Resource:
vendor-advisory
x_refsource_FEDORA
x_transferred
Hyperlink: http://secunia.com/advisories/44169
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2011/0626
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://secunia.com/advisories/48947
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.kb.cert.org/vuls/id/215900
Resource:
third-party-advisory
x_refsource_CERT-VN
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2011-0370.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2011/0719
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16209
Resource:
vdb-entry
signature
x_refsource_OVAL
x_transferred
Hyperlink: http://www.wireshark.org/docs/relnotes/wireshark-1.4.4.html
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055650.html
Resource:
vendor-advisory
x_refsource_FEDORA
x_transferred
Hyperlink: http://www.securityfocus.com/bid/46796
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://anonsvn.wireshark.org/viewvc?view=rev&revision=34018
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.securitytracker.com/id?1025148
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: http://secunia.com/advisories/43821
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:03 Mar, 2011 | 01:00
Updated At:11 Apr, 2025 | 00:51

epan/dissectors/packet-ntlmssp.c in the NTLMSSP dissector in Wireshark before 1.4.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted .pcap file.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.04.3MEDIUM
AV:N/AC:M/Au:N/C:N/I:N/A:P
Primary2.04.3MEDIUM
AV:N/AC:M/Au:N/C:N/I:N/A:P
Type: Primary
Version: 2.0
Base score: 4.3
Base severity: MEDIUM
Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:P
Type: Primary
Version: 2.0
Base score: 4.3
Base severity: MEDIUM
Vector:
AV:N/AC:M/Au:N/C:N/I:N/A:P
CPE Matches
Wireshark Foundation
wireshark
>>wireshark>>Versions up to 1.4.3(inclusive)
cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>0.99.2
cpe:2.3:a:wireshark:wireshark:0.99.2:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>0.99.3
cpe:2.3:a:wireshark:wireshark:0.99.3:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>0.99.4
cpe:2.3:a:wireshark:wireshark:0.99.4:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>0.99.5
cpe:2.3:a:wireshark:wireshark:0.99.5:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>0.99.6
cpe:2.3:a:wireshark:wireshark:0.99.6:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>0.99.7
cpe:2.3:a:wireshark:wireshark:0.99.7:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>0.99.8
cpe:2.3:a:wireshark:wireshark:0.99.8:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.0.0
cpe:2.3:a:wireshark:wireshark:1.0.0:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.0.1
cpe:2.3:a:wireshark:wireshark:1.0.1:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.0.2
cpe:2.3:a:wireshark:wireshark:1.0.2:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.0.3
cpe:2.3:a:wireshark:wireshark:1.0.3:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.0.4
cpe:2.3:a:wireshark:wireshark:1.0.4:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.0.5
cpe:2.3:a:wireshark:wireshark:1.0.5:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.0.6
cpe:2.3:a:wireshark:wireshark:1.0.6:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.0.7
cpe:2.3:a:wireshark:wireshark:1.0.7:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.0.8
cpe:2.3:a:wireshark:wireshark:1.0.8:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.0.9
cpe:2.3:a:wireshark:wireshark:1.0.9:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.0.10
cpe:2.3:a:wireshark:wireshark:1.0.10:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.0.11
cpe:2.3:a:wireshark:wireshark:1.0.11:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.0.12
cpe:2.3:a:wireshark:wireshark:1.0.12:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.0.13
cpe:2.3:a:wireshark:wireshark:1.0.13:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.0.14
cpe:2.3:a:wireshark:wireshark:1.0.14:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.0.15
cpe:2.3:a:wireshark:wireshark:1.0.15:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.0.16
cpe:2.3:a:wireshark:wireshark:1.0.16:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.2
cpe:2.3:a:wireshark:wireshark:1.2:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.2.0
cpe:2.3:a:wireshark:wireshark:1.2.0:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.2.1
cpe:2.3:a:wireshark:wireshark:1.2.1:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.2.2
cpe:2.3:a:wireshark:wireshark:1.2.2:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.2.3
cpe:2.3:a:wireshark:wireshark:1.2.3:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.2.4
cpe:2.3:a:wireshark:wireshark:1.2.4:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.2.5
cpe:2.3:a:wireshark:wireshark:1.2.5:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.2.6
cpe:2.3:a:wireshark:wireshark:1.2.6:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.2.7
cpe:2.3:a:wireshark:wireshark:1.2.7:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.2.8
cpe:2.3:a:wireshark:wireshark:1.2.8:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.2.9
cpe:2.3:a:wireshark:wireshark:1.2.9:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.2.10
cpe:2.3:a:wireshark:wireshark:1.2.10:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.2.11
cpe:2.3:a:wireshark:wireshark:1.2.11:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.2.12
cpe:2.3:a:wireshark:wireshark:1.2.12:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.2.13
cpe:2.3:a:wireshark:wireshark:1.2.13:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.2.14
cpe:2.3:a:wireshark:wireshark:1.2.14:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.2.15
cpe:2.3:a:wireshark:wireshark:1.2.15:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.4.0
cpe:2.3:a:wireshark:wireshark:1.4.0:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.4.1
cpe:2.3:a:wireshark:wireshark:1.4.1:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.4.2
cpe:2.3:a:wireshark:wireshark:1.4.2:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-OtherPrimarynvd@nist.gov
CWE ID: NVD-CWE-Other
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Per: http://cwe.mitre.org/data/definitions/476.html 'CWE-476: NULL Pointer Dereference'
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://anonsvn.wireshark.org/viewvc?view=rev&revision=34018cve@mitre.org
Patch
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055364.htmlcve@mitre.org
N/A
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055650.htmlcve@mitre.org
N/A
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055664.htmlcve@mitre.org
N/A
http://secunia.com/advisories/43759cve@mitre.org
N/A
http://secunia.com/advisories/43821cve@mitre.org
N/A
http://secunia.com/advisories/44169cve@mitre.org
N/A
http://secunia.com/advisories/48947cve@mitre.org
N/A
http://www.kb.cert.org/vuls/id/215900cve@mitre.org
US Government Resource
http://www.redhat.com/support/errata/RHSA-2011-0370.htmlcve@mitre.org
N/A
http://www.securityfocus.com/bid/46796cve@mitre.org
N/A
http://www.securitytracker.com/id?1025148cve@mitre.org
N/A
http://www.vupen.com/english/advisories/2011/0626cve@mitre.org
N/A
http://www.vupen.com/english/advisories/2011/0719cve@mitre.org
N/A
http://www.wireshark.org/docs/relnotes/wireshark-1.4.4.htmlcve@mitre.org
Patch
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5157cve@mitre.org
N/A
https://hermes.opensuse.org/messages/8086844cve@mitre.org
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16209cve@mitre.org
N/A
http://anonsvn.wireshark.org/viewvc?view=rev&revision=34018af854a3a-2127-422b-91ae-364da2661108
Patch
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055364.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055650.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055664.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/43759af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/43821af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/44169af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/48947af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.kb.cert.org/vuls/id/215900af854a3a-2127-422b-91ae-364da2661108
US Government Resource
http://www.redhat.com/support/errata/RHSA-2011-0370.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/46796af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securitytracker.com/id?1025148af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vupen.com/english/advisories/2011/0626af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vupen.com/english/advisories/2011/0719af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.wireshark.org/docs/relnotes/wireshark-1.4.4.htmlaf854a3a-2127-422b-91ae-364da2661108
Patch
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5157af854a3a-2127-422b-91ae-364da2661108
N/A
https://hermes.opensuse.org/messages/8086844af854a3a-2127-422b-91ae-364da2661108
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16209af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://anonsvn.wireshark.org/viewvc?view=rev&revision=34018
Source: cve@mitre.org
Resource:
Patch
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055364.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055650.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055664.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/43759
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/43821
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/44169
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/48947
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.kb.cert.org/vuls/id/215900
Source: cve@mitre.org
Resource:
US Government Resource
Hyperlink: http://www.redhat.com/support/errata/RHSA-2011-0370.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/46796
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securitytracker.com/id?1025148
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2011/0626
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2011/0719
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.wireshark.org/docs/relnotes/wireshark-1.4.4.html
Source: cve@mitre.org
Resource:
Patch
Hyperlink: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5157
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://hermes.opensuse.org/messages/8086844
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16209
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://anonsvn.wireshark.org/viewvc?view=rev&revision=34018
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055364.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055650.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055664.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/43759
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/43821
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/44169
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/48947
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.kb.cert.org/vuls/id/215900
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
US Government Resource
Hyperlink: http://www.redhat.com/support/errata/RHSA-2011-0370.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/46796
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securitytracker.com/id?1025148
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2011/0626
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2011/0719
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.wireshark.org/docs/relnotes/wireshark-1.4.4.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Hyperlink: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5157
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://hermes.opensuse.org/messages/8086844
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16209
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

183Records found
CVE-2015-8734
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.09% / 26.96%
||
7 Day CHG~0.00%
Published-04 Jan, 2016 | 02:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The dissect_nwp function in epan/dissectors/packet-nwp.c in the NWP dissector in Wireshark 2.0.x before 2.0.1 mishandles the packet type, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2015-8736
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.69% / 70.79%
||
7 Day CHG~0.00%
Published-04 Jan, 2016 | 02:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The mp2t_find_next_pcr function in wiretap/mp2t.c in the MP2T file parser in Wireshark 2.0.x before 2.0.1 does not reserve memory for a trailer, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted file.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2015-8726
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.97% / 75.71%
||
7 Day CHG~0.00%
Published-04 Jan, 2016 | 02:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

wiretap/vwr.c in the VeriWave file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate certain signature and Modulation and Coding Scheme (MCS) data, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-20
Improper Input Validation
CVE-2015-8725
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.74% / 71.91%
||
7 Day CHG~0.00%
Published-04 Jan, 2016 | 02:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The dissect_diameter_base_framed_ipv6_prefix function in epan/dissectors/packet-diameter.c in the DIAMETER dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the IPv6 prefix length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-20
Improper Input Validation
CVE-2015-7830
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.57% / 67.75%
||
7 Day CHG~0.00%
Published-15 Nov, 2015 | 02:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The pcapng_read_if_descr_block function in wiretap/pcapng.c in the pcapng parser in Wireshark 1.12.x before 1.12.8 uses too many levels of pointer indirection, which allows remote attackers to cause a denial of service (incorrect free and application crash) via a crafted packet that triggers interface-filter copying.

Action-Not Available
Vendor-n/aWireshark FoundationOracle Corporation
Product-wiresharksolarisn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2015-6244
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.80% / 73.16%
||
7 Day CHG~0.00%
Published-24 Aug, 2015 | 23:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The dissect_zbee_secure function in epan/dissectors/packet-zbee-security.c in the ZigBee dissector in Wireshark 1.12.x before 1.12.7 improperly relies on length fields contained in packet data, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

Action-Not Available
Vendor-n/aWireshark FoundationOracle Corporation
Product-wiresharklinuxsolarisn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2015-6245
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.38% / 58.55%
||
7 Day CHG~0.00%
Published-24 Aug, 2015 | 23:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

epan/dissectors/packet-gsm_rlcmac.c in the GSM RLC/MAC dissector in Wireshark 1.12.x before 1.12.7 uses incorrect integer data types, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.

Action-Not Available
Vendor-n/aWireshark FoundationOracle Corporation
Product-wiresharklinuxsolarisn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2015-6241
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.57% / 67.60%
||
7 Day CHG~0.00%
Published-24 Aug, 2015 | 23:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The proto_tree_add_bytes_item function in epan/proto.c in the protocol-tree implementation in Wireshark 1.12.x before 1.12.7 does not properly terminate a data structure after a failure to locate a number within a string, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

Action-Not Available
Vendor-n/aWireshark FoundationOracle Corporation
Product-wiresharksolarisn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2015-6242
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.57% / 67.60%
||
7 Day CHG~0.00%
Published-24 Aug, 2015 | 23:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The wmem_block_split_free_chunk function in epan/wmem/wmem_allocator_block.c in the wmem block allocator in the memory manager in Wireshark 1.12.x before 1.12.7 does not properly consider a certain case of multiple realloc operations that restore a memory chunk to its original size, which allows remote attackers to cause a denial of service (incorrect free operation and application crash) via a crafted packet.

Action-Not Available
Vendor-n/aWireshark FoundationOracle Corporation
Product-wiresharksolarisn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2015-6249
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.57% / 67.60%
||
7 Day CHG~0.00%
Published-24 Aug, 2015 | 23:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The dissect_wccp2r1_address_table_info function in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.12.x before 1.12.7 does not prevent the conflicting use of a table for both IPv4 and IPv6 addresses, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

Action-Not Available
Vendor-n/aWireshark FoundationOracle Corporation
Product-wiresharksolarisn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2015-6243
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.66% / 70.22%
||
7 Day CHG~0.00%
Published-24 Aug, 2015 | 23:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The dissector-table implementation in epan/packet.c in Wireshark 1.12.x before 1.12.7 mishandles table searches for empty strings, which allows remote attackers to cause a denial of service (application crash) via a crafted packet, related to the (1) dissector_get_string_handle and (2) dissector_get_default_string_handle functions.

Action-Not Available
Vendor-n/aWireshark FoundationOracle Corporation
Product-wiresharklinuxsolarisn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2015-6246
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.66% / 70.22%
||
7 Day CHG~0.00%
Published-24 Aug, 2015 | 23:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The dissect_wa_payload function in epan/dissectors/packet-waveagent.c in the WaveAgent dissector in Wireshark 1.12.x before 1.12.7 mishandles large tag values, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

Action-Not Available
Vendor-n/aWireshark FoundationOracle Corporation
Product-wiresharklinuxsolarisn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2015-6247
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.57% / 67.60%
||
7 Day CHG~0.00%
Published-24 Aug, 2015 | 23:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The dissect_openflow_tablemod_v5 function in epan/dissectors/packet-openflow_v5.c in the OpenFlow dissector in Wireshark 1.12.x before 1.12.7 does not validate a certain offset value, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.

Action-Not Available
Vendor-n/aWireshark FoundationOracle Corporation
Product-wiresharksolarisn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2015-6248
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.68% / 70.63%
||
7 Day CHG~0.00%
Published-24 Aug, 2015 | 23:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ptvcursor_add function in the ptvcursor implementation in epan/proto.c in Wireshark 1.12.x before 1.12.7 does not check whether the expected amount of data is available, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

Action-Not Available
Vendor-n/aWireshark FoundationOracle Corporation
Product-wiresharklinuxsolarisn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2015-4652
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.42% / 61.18%
||
7 Day CHG~0.00%
Published-22 Jul, 2015 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

epan/dissectors/packet-gsm_a_dtap.c in the GSM DTAP dissector in Wireshark 1.12.x before 1.12.6 does not properly validate digit characters, which allows remote attackers to cause a denial of service (application crash) via a crafted packet, related to the de_emerg_num_list and de_bcd_num functions.

Action-Not Available
Vendor-n/aWireshark FoundationDebian GNU/Linux
Product-wiresharkdebian_linuxn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2008-4680
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-3.84% / 87.71%
||
7 Day CHG~0.00%
Published-22 Oct, 2008 | 17:00
Updated-07 Aug, 2024 | 10:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

packet-usb.c in the USB dissector in Wireshark 0.99.7 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via a malformed USB Request Block (URB).

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-399
Not Available
CVE-2015-3182
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.09% / 25.92%
||
7 Day CHG~0.00%
Published-04 Jan, 2016 | 02:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

epan/dissectors/packet-dec-dnart.c in the DECnet NSP/RT dissector in Wireshark 1.10.12 through 1.10.14 mishandles a certain strdup return value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2017-9616
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.22% / 44.72%
||
7 Day CHG~0.00%
Published-14 Jun, 2017 | 20:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Wireshark 2.2.7, overly deep mp4 chunks may cause stack exhaustion (uncontrolled recursion) in the dissect_mp4_box function in epan/dissectors/file-mp4.c.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-674
Uncontrolled Recursion
CVE-2017-9617
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.10% / 27.62%
||
7 Day CHG~0.00%
Published-14 Jun, 2017 | 20:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Wireshark 2.2.7, deeply nested DAAP data may cause stack exhaustion (uncontrolled recursion) in the dissect_daap_one_tag function in epan/dissectors/packet-daap.c in the DAAP dissector.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-674
Uncontrolled Recursion
CVE-2008-3137
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-2.92% / 85.86%
||
7 Day CHG~0.00%
Published-10 Jul, 2008 | 23:00
Updated-07 Aug, 2024 | 09:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The GSM SMS dissector in Wireshark (formerly Ethereal) 0.99.2 through 1.0.0 allows remote attackers to cause a denial of service (application crash) via unknown vectors.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2018-5334
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-0.86% / 74.20%
||
7 Day CHG~0.00%
Published-11 Jan, 2018 | 21:00
Updated-05 Aug, 2024 | 05:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the IxVeriWave file parser could crash. This was addressed in wiretap/vwr.c by correcting the signature timestamp bounds checks.

Action-Not Available
Vendor-n/aWireshark FoundationDebian GNU/Linux
Product-wiresharkdebian_linuxn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-4020
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.17% / 38.78%
||
7 Day CHG~0.00%
Published-18 Jun, 2014 | 16:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The dissect_frame function in epan/dissectors/packet-frame.c in the frame metadissector in Wireshark 1.10.x before 1.10.8 interprets a negative integer as a length value even though it was intended to represent an error condition, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CVE-2008-1071
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.96% / 75.52%
||
7 Day CHG~0.00%
Published-28 Feb, 2008 | 22:00
Updated-07 Aug, 2024 | 08:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The SNMP dissector in Wireshark (formerly Ethereal) 0.99.6 through 0.99.7 allows remote attackers to cause a denial of service (crash) via a malformed packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-399
Not Available
CVE-2008-1563
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-7.41% / 91.36%
||
7 Day CHG~0.00%
Published-31 Mar, 2008 | 22:00
Updated-07 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The "decode as" feature in packet-bssap.c in the SCCP dissector in Wireshark (formerly Ethereal) 0.99.6 through 0.99.8 allows remote attackers to cause a denial of service (application crash) via a malformed packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CVE-2014-2281
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-3.33% / 86.78%
||
7 Day CHG~0.00%
Published-11 Mar, 2014 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The nfs_name_snoop_add_name function in epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 does not validate a certain length value, which allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted NFS packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2014-2282
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.57% / 67.62%
||
7 Day CHG~0.00%
Published-11 Mar, 2014 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The dissect_protocol_data_parameter function in epan/dissectors/packet-m3ua.c in the M3UA dissector in Wireshark 1.10.x before 1.10.6 does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) via a crafted SS7 MTP3 packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-2283
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-2.41% / 84.46%
||
7 Day CHG~0.00%
Published-11 Mar, 2014 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

epan/dissectors/packet-rlc in the RLC dissector in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 uses inconsistent memory-management approaches, which allows remote attackers to cause a denial of service (use-after-free error and application crash) via a crafted UMTS Radio Link Control packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CVE-2007-6451
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4.3||MEDIUM
EPSS-2.31% / 84.13%
||
7 Day CHG~0.00%
Published-19 Dec, 2007 | 22:00
Updated-07 Aug, 2024 | 16:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the CIP dissector in Wireshark (formerly Ethereal) 0.9.14 to 0.99.6 allows remote attackers to cause a denial of service (crash) via unknown vectors that trigger allocation of large amounts of memory.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-399
Not Available
CVE-2007-6113
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4.3||MEDIUM
EPSS-9.38% / 92.46%
||
7 Day CHG~0.00%
Published-23 Nov, 2007 | 20:00
Updated-07 Aug, 2024 | 15:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer signedness error in the DNP3 dissector in Wireshark (formerly Ethereal) 0.10.12 to 0.99.6 allows remote attackers to cause a denial of service (long loop) via a malformed DNP3 packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-189
Not Available
CVE-2013-5722
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.27% / 50.19%
||
7 Day CHG~0.00%
Published-13 Sep, 2013 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the LDAP dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 allows remote attackers to cause a denial of service (application crash) via a crafted packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CVE-2013-6336
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.88% / 74.48%
||
7 Day CHG~0.00%
Published-04 Nov, 2013 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ieee802154_map_rec function in epan/dissectors/packet-ieee802154.c in the IEEE 802.15.4 dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 uses an incorrect pointer chain, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-6339
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-1.14% / 77.49%
||
7 Day CHG~0.00%
Published-04 Nov, 2013 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The dissect_openwire_type function in epan/dissectors/packet-openwire.c in the OpenWire dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 allows remote attackers to cause a denial of service (loop) via a crafted packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2014-2907
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.21% / 42.83%
||
7 Day CHG~0.00%
Published-24 Apr, 2014 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The srtp_add_address function in epan/dissectors/packet-rtp.c in the RTP dissector in Wireshark 1.10.x before 1.10.7 does not properly update SRTP conversation data, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CVE-2013-6338
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.88% / 74.48%
||
7 Day CHG~0.00%
Published-04 Nov, 2013 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The dissect_sip_common function in epan/dissectors/packet-sip.c in the SIP dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-5721
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.29% / 51.68%
||
7 Day CHG~0.00%
Published-13 Sep, 2013 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The dissect_mq_rr function in epan/dissectors/packet-mq.c in the MQ dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 does not properly determine when to enter a certain loop, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-5717
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.21% / 42.83%
||
7 Day CHG~0.00%
Published-13 Sep, 2013 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Bluetooth HCI ACL dissector in Wireshark 1.10.x before 1.10.2 does not properly maintain a certain free list, which allows remote attackers to cause a denial of service (application crash) via a crafted packet that is not properly handled by the wmem_block_alloc function in epan/wmem/wmem_allocator_block.c.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-6337
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.27% / 50.19%
||
7 Day CHG~0.00%
Published-04 Nov, 2013 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the NBAP dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 allows remote attackers to cause a denial of service (application crash) via a crafted packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CVE-2013-5718
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.88% / 74.48%
||
7 Day CHG~0.00%
Published-13 Sep, 2013 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The dissect_nbap_T_dCH_ID function in epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 does not restrict the dch_id value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CVE-2013-6340
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.88% / 74.48%
||
7 Day CHG~0.00%
Published-04 Nov, 2013 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

epan/dissectors/packet-tcp.c in the TCP dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 does not properly determine the amount of remaining data, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2007-0458
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4.3||MEDIUM
EPSS-1.50% / 80.40%
||
7 Day CHG~0.00%
Published-02 Feb, 2007 | 20:00
Updated-07 Aug, 2024 | 12:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the HTTP dissector in Wireshark (formerly Ethereal) 0.99.3 and 0.99.4 allows remote attackers to cause a denial of service (application crash) via unspecified vectors, a different issue than CVE-2006-5468.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CVE-2007-0457
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4.3||MEDIUM
EPSS-1.50% / 80.40%
||
7 Day CHG~0.00%
Published-02 Feb, 2007 | 20:00
Updated-07 Aug, 2024 | 12:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the IEEE 802.11 dissector in Wireshark (formerly Ethereal) 0.10.14 through 0.99.4 allows remote attackers to cause a denial of service (application crash) via unspecified vectors.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CVE-2007-0456
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4.3||MEDIUM
EPSS-1.50% / 80.40%
||
7 Day CHG~0.00%
Published-02 Feb, 2007 | 20:00
Updated-07 Aug, 2024 | 12:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the LLT dissector in Wireshark (formerly Ethereal) 0.99.3 and 0.99.4 allows remote attackers to cause a denial of service (application crash) via unspecified vectors.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CVE-2006-4330
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4.3||MEDIUM
EPSS-11.53% / 93.35%
||
7 Day CHG~0.00%
Published-24 Aug, 2006 | 20:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in the SCSI dissector in Wireshark (formerly Ethereal) 0.99.2 allows remote attackers to cause a denial of service (crash) via unspecified vectors.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CVE-2016-2522
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.9||MEDIUM
EPSS-0.22% / 44.22%
||
7 Day CHG~0.00%
Published-28 Feb, 2016 | 02:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The dissect_ber_constrained_bitstring function in epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 2.0.x before 2.0.2 does not verify that a certain length is nonzero, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2022-0585
Matching Score-8
Assigner-GitLab Inc.
ShareView Details
Matching Score-8
Assigner-GitLab Inc.
CVSS Score-4.3||MEDIUM
EPSS-0.03% / 7.69%
||
7 Day CHG~0.00%
Published-18 Feb, 2022 | 00:00
Updated-02 Aug, 2024 | 23:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Large loops in multiple protocol dissectors in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allow denial of service via packet injection or crafted capture file

Action-Not Available
Vendor-Wireshark FoundationDebian GNU/LinuxFedora Project
Product-wiresharkdebian_linuxfedoraWireshark
CWE ID-CWE-834
Excessive Iteration
CVE-2013-5719
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-0.31% / 53.98%
||
7 Day CHG~0.00%
Published-13 Sep, 2013 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

epan/dissectors/packet-assa_r3.c in the ASSA R3 dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CVE-2013-4935
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-1.44% / 79.90%
||
7 Day CHG~0.00%
Published-29 Jul, 2013 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The dissect_per_length_determinant function in epan/dissectors/packet-per.c in the ASN.1 PER dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not initialize a length field in certain abnormal situations, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CVE-2012-4286
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-2.19% / 83.70%
||
7 Day CHG~0.00%
Published-16 Aug, 2012 | 10:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The pcapng_read_packet_block function in wiretap/pcapng.c in the pcap-ng file parser in Wireshark 1.8.x before 1.8.2 allows user-assisted remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted pcap-ng file.

Action-Not Available
Vendor-n/aSun Microsystems (Oracle Corporation)Wireshark Foundation
Product-wiresharksunosn/a
CVE-2021-4183
Matching Score-8
Assigner-GitLab Inc.
ShareView Details
Matching Score-8
Assigner-GitLab Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 15.42%
||
7 Day CHG~0.00%
Published-30 Dec, 2021 | 00:00
Updated-03 Aug, 2024 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Crash in the pcapng file parser in Wireshark 3.6.0 allows denial of service via crafted capture file

Action-Not Available
Vendor-Wireshark FoundationOracle CorporationFedora Project
Product-wiresharkhttp_serverfedorazfs_storage_appliance_kitWireshark
CWE ID-CWE-125
Out-of-bounds Read
CVE-2012-3548
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4.3||MEDIUM
EPSS-0.49% / 64.67%
||
7 Day CHG~0.00%
Published-30 Aug, 2012 | 22:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The dissect_drda function in epan/dissectors/packet-drda.c in Wireshark 1.6.x through 1.6.10 and 1.8.x through 1.8.2 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a small value for a certain length field in a capture file.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
  • Previous
  • 1
  • 2
  • 3
  • 4
  • Next
Details not found