Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2012-4295

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-16 Aug, 2012 | 10:00
Updated At-06 Aug, 2024 | 20:35
Rejected At-
Credits

Array index error in the channelised_fill_sdh_g707_format function in epan/dissectors/packet-erf.c in the ERF dissector in Wireshark 1.8.x before 1.8.2 might allow remote attackers to cause a denial of service (application crash) via a crafted speed (aka rate) value.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:16 Aug, 2012 | 10:00
Updated At:06 Aug, 2024 | 20:35
Rejected At:
▼CVE Numbering Authority (CNA)

Array index error in the channelised_fill_sdh_g707_format function in epan/dissectors/packet-erf.c in the ERF dissector in Wireshark 1.8.x before 1.8.2 might allow remote attackers to cause a denial of service (application crash) via a crafted speed (aka rate) value.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
http://www.securityfocus.com/bid/55035
vdb-entry
x_refsource_BID
http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-erf.c?r1=44419&r2=44418&pathrev=44419
x_refsource_CONFIRM
http://secunia.com/advisories/54425
third-party-advisory
x_refsource_SECUNIA
http://anonsvn.wireshark.org/viewvc?view=revision&revision=44419
x_refsource_CONFIRM
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_wireshark3
x_refsource_CONFIRM
http://www.gentoo.org/security/en/glsa/glsa-201308-05.xml
vendor-advisory
x_refsource_GENTOO
http://secunia.com/advisories/51363
third-party-advisory
x_refsource_SECUNIA
http://www.wireshark.org/security/wnpa-sec-2012-16.html
x_refsource_CONFIRM
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15718
vdb-entry
signature
x_refsource_OVAL
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7563
x_refsource_CONFIRM
http://secunia.com/advisories/50276
third-party-advisory
x_refsource_SECUNIA
https://hermes.opensuse.org/messages/15514562
vendor-advisory
x_refsource_SUSE
Hyperlink: http://www.securityfocus.com/bid/55035
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-erf.c?r1=44419&r2=44418&pathrev=44419
Resource:
x_refsource_CONFIRM
Hyperlink: http://secunia.com/advisories/54425
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://anonsvn.wireshark.org/viewvc?view=revision&revision=44419
Resource:
x_refsource_CONFIRM
Hyperlink: https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_wireshark3
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.gentoo.org/security/en/glsa/glsa-201308-05.xml
Resource:
vendor-advisory
x_refsource_GENTOO
Hyperlink: http://secunia.com/advisories/51363
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.wireshark.org/security/wnpa-sec-2012-16.html
Resource:
x_refsource_CONFIRM
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15718
Resource:
vdb-entry
signature
x_refsource_OVAL
Hyperlink: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7563
Resource:
x_refsource_CONFIRM
Hyperlink: http://secunia.com/advisories/50276
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: https://hermes.opensuse.org/messages/15514562
Resource:
vendor-advisory
x_refsource_SUSE
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
http://www.securityfocus.com/bid/55035
vdb-entry
x_refsource_BID
x_transferred
http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-erf.c?r1=44419&r2=44418&pathrev=44419
x_refsource_CONFIRM
x_transferred
http://secunia.com/advisories/54425
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://anonsvn.wireshark.org/viewvc?view=revision&revision=44419
x_refsource_CONFIRM
x_transferred
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_wireshark3
x_refsource_CONFIRM
x_transferred
http://www.gentoo.org/security/en/glsa/glsa-201308-05.xml
vendor-advisory
x_refsource_GENTOO
x_transferred
http://secunia.com/advisories/51363
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.wireshark.org/security/wnpa-sec-2012-16.html
x_refsource_CONFIRM
x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15718
vdb-entry
signature
x_refsource_OVAL
x_transferred
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7563
x_refsource_CONFIRM
x_transferred
http://secunia.com/advisories/50276
third-party-advisory
x_refsource_SECUNIA
x_transferred
https://hermes.opensuse.org/messages/15514562
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://www.securityfocus.com/bid/55035
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-erf.c?r1=44419&r2=44418&pathrev=44419
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://secunia.com/advisories/54425
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://anonsvn.wireshark.org/viewvc?view=revision&revision=44419
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_wireshark3
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.gentoo.org/security/en/glsa/glsa-201308-05.xml
Resource:
vendor-advisory
x_refsource_GENTOO
x_transferred
Hyperlink: http://secunia.com/advisories/51363
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.wireshark.org/security/wnpa-sec-2012-16.html
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15718
Resource:
vdb-entry
signature
x_refsource_OVAL
x_transferred
Hyperlink: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7563
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://secunia.com/advisories/50276
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: https://hermes.opensuse.org/messages/15514562
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:16 Aug, 2012 | 10:38
Updated At:29 Apr, 2026 | 01:13

Array index error in the channelised_fill_sdh_g707_format function in epan/dissectors/packet-erf.c in the ERF dissector in Wireshark 1.8.x before 1.8.2 might allow remote attackers to cause a denial of service (application crash) via a crafted speed (aka rate) value.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.03.3LOW
AV:A/AC:L/Au:N/C:N/I:N/A:P
Type: Primary
Version: 2.0
Base score: 3.3
Base severity: LOW
Vector:
AV:A/AC:L/Au:N/C:N/I:N/A:P
CPE Matches

Wireshark Foundation
wireshark
>>wireshark>>1.8.0
cpe:2.3:a:wireshark:wireshark:1.8.0:*:*:*:*:*:*:*
Wireshark Foundation
wireshark
>>wireshark>>1.8.1
cpe:2.3:a:wireshark:wireshark:1.8.1:*:*:*:*:*:*:*
Sun Microsystems (Oracle Corporation)
sun
>>sunos>>5.11
cpe:2.3:o:sun:sunos:5.11:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-20Primarynvd@nist.gov
CWE ID: CWE-20
Type: Primary
Source: nvd@nist.gov
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-erf.c?r1=44419&r2=44418&pathrev=44419cve@mitre.org
Exploit
Patch
http://anonsvn.wireshark.org/viewvc?view=revision&revision=44419cve@mitre.org
N/A
http://secunia.com/advisories/50276cve@mitre.org
N/A
http://secunia.com/advisories/51363cve@mitre.org
N/A
http://secunia.com/advisories/54425cve@mitre.org
N/A
http://www.gentoo.org/security/en/glsa/glsa-201308-05.xmlcve@mitre.org
N/A
http://www.securityfocus.com/bid/55035cve@mitre.org
N/A
http://www.wireshark.org/security/wnpa-sec-2012-16.htmlcve@mitre.org
Vendor Advisory
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_wireshark3cve@mitre.org
N/A
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7563cve@mitre.org
N/A
https://hermes.opensuse.org/messages/15514562cve@mitre.org
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15718cve@mitre.org
N/A
http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-erf.c?r1=44419&r2=44418&pathrev=44419af854a3a-2127-422b-91ae-364da2661108
Exploit
Patch
http://anonsvn.wireshark.org/viewvc?view=revision&revision=44419af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/50276af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/51363af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/54425af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.gentoo.org/security/en/glsa/glsa-201308-05.xmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/55035af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.wireshark.org/security/wnpa-sec-2012-16.htmlaf854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_wireshark3af854a3a-2127-422b-91ae-364da2661108
N/A
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7563af854a3a-2127-422b-91ae-364da2661108
N/A
https://hermes.opensuse.org/messages/15514562af854a3a-2127-422b-91ae-364da2661108
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15718af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-erf.c?r1=44419&r2=44418&pathrev=44419
Source: cve@mitre.org
Resource:
Exploit
Patch
Hyperlink: http://anonsvn.wireshark.org/viewvc?view=revision&revision=44419
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/50276
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/51363
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/54425
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.gentoo.org/security/en/glsa/glsa-201308-05.xml
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/55035
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.wireshark.org/security/wnpa-sec-2012-16.html
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_wireshark3
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7563
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://hermes.opensuse.org/messages/15514562
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15718
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-erf.c?r1=44419&r2=44418&pathrev=44419
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Patch
Hyperlink: http://anonsvn.wireshark.org/viewvc?view=revision&revision=44419
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/50276
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/51363
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/54425
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.gentoo.org/security/en/glsa/glsa-201308-05.xml
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/55035
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.wireshark.org/security/wnpa-sec-2012-16.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_wireshark3
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7563
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://hermes.opensuse.org/messages/15514562
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15718
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

265Records found

CVE-2012-4292
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-3.3||LOW
EPSS-1.91% / 77.32%
||
7 Day CHG~0.00%
Published-16 Aug, 2012 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The dissect_stun_message function in epan/dissectors/packet-stun.c in the STUN dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 does not properly interact with key-destruction behavior in a certain tree library, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.

Action-Not Available
Vendor-n/aWireshark FoundationopenSUSESun Microsystems (Oracle Corporation)
Product-wiresharksunosopensusen/a
CWE ID-CWE-20
Improper Input Validation
CVE-2008-3934
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-3.3||LOW
EPSS-0.62% / 45.49%
||
7 Day CHG~0.00%
Published-04 Sep, 2008 | 19:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Wireshark (formerly Ethereal) 0.99.6 through 1.0.2 allows attackers to cause a denial of service (crash) via a crafted Tektronix .rf5 file.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2008-3933
Matching Score-10
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-10
Assigner-Red Hat, Inc.
CVSS Score-3.3||LOW
EPSS-0.62% / 45.49%
||
7 Day CHG~0.00%
Published-04 Sep, 2008 | 19:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Wireshark (formerly Ethereal) 0.10.14 through 1.0.2 allows attackers to cause a denial of service (crash) via a packet with crafted zlib-compressed data that triggers an invalid read in the tvb_uncompress function.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-2483
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-3.3||LOW
EPSS-1.08% / 61.03%
||
7 Day CHG~0.00%
Published-07 Mar, 2013 | 15:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The acn_add_dmp_data function in epan/dissectors/packet-acn.c in the ACN dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via an invalid count value in ACN_DMP_ADT_D_RE DMP data.

Action-Not Available
Vendor-n/aWireshark FoundationopenSUSEDebian GNU/Linux
Product-debian_linuxwiresharkopensusen/a
CVE-2012-5237
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-3.3||LOW
EPSS-0.89% / 54.84%
||
7 Day CHG~0.00%
Published-04 Oct, 2012 | 19:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The dissect_hsrp function in epan/dissectors/packet-hsrp.c in the HSRP dissector in Wireshark 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CVE-2012-5238
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-3.3||LOW
EPSS-0.91% / 55.62%
||
7 Day CHG~0.00%
Published-04 Oct, 2012 | 19:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

epan/dissectors/packet-ppp.c in the PPP dissector in Wireshark 1.8.x before 1.8.3 uses incorrect OUI data structures during the decoding of (1) PPP and (2) LCP data, which allows remote attackers to cause a denial of service (assertion failure and application exit) via a malformed packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CVE-2012-3826
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-3.3||LOW
EPSS-3.44% / 87.53%
||
7 Day CHG~0.00%
Published-30 Jun, 2012 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple integer underflows in Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 allow remote attackers to cause a denial of service (loop) via vectors related to the R3 dissector, a different vulnerability than CVE-2012-2392.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CVE-2012-4048
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-3.3||LOW
EPSS-1.39% / 68.93%
||
7 Day CHG~0.00%
Published-24 Jul, 2012 | 19:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The PPP dissector in Wireshark 1.4.x before 1.4.14, 1.6.x before 1.6.9, and 1.8.x before 1.8.1 allows remote attackers to cause a denial of service (invalid pointer dereference and application crash) via a crafted packet, as demonstrated by a usbmon dump.

Action-Not Available
Vendor-n/aWireshark FoundationDebian GNU/Linux
Product-debian_linuxwiresharkn/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2012-4290
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-3.3||LOW
EPSS-1.19% / 64.28%
||
7 Day CHG~0.00%
Published-16 Aug, 2012 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The CTDB dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop and CPU consumption) via a malformed packet.

Action-Not Available
Vendor-n/aWireshark FoundationopenSUSESun Microsystems (Oracle Corporation)Red Hat, Inc.
Product-opensusewiresharksunosenterprise_linuxn/a
CVE-2012-4293
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-3.3||LOW
EPSS-1.19% / 64.06%
||
7 Day CHG~0.00%
Published-16 Aug, 2012 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

plugins/ethercat/packet-ecatmb.c in the EtherCAT Mailbox dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 does not properly handle certain integer fields, which allows remote attackers to cause a denial of service (application exit) via a malformed packet.

Action-Not Available
Vendor-n/aWireshark FoundationopenSUSESun Microsystems (Oracle Corporation)
Product-wiresharksunosopensusen/a
CVE-2012-4288
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-3.3||LOW
EPSS-1.94% / 77.69%
||
7 Day CHG~0.00%
Published-16 Aug, 2012 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in the dissect_xtp_ecntl function in epan/dissectors/packet-xtp.c in the XTP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop or application crash) via a large value for a span length.

Action-Not Available
Vendor-n/aWireshark FoundationopenSUSESun Microsystems (Oracle Corporation)
Product-wiresharksunosopensusen/a
CVE-2012-4289
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-3.3||LOW
EPSS-1.29% / 66.76%
||
7 Day CHG~0.00%
Published-16 Aug, 2012 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

epan/dissectors/packet-afp.c in the AFP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop and CPU consumption) via a large number of ACL entries.

Action-Not Available
Vendor-n/aWireshark FoundationopenSUSESun Microsystems (Oracle Corporation)Red Hat, Inc.
Product-opensusewiresharksunosenterprise_linuxn/a
CVE-2012-4285
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-3.3||LOW
EPSS-2.08% / 79.26%
||
7 Day CHG~0.00%
Published-16 Aug, 2012 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The dissect_pft function in epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a zero-length message.

Action-Not Available
Vendor-n/aWireshark FoundationopenSUSESun Microsystems (Oracle Corporation)Red Hat, Inc.
Product-opensusewiresharksunosenterprise_linuxn/a
CVE-2012-4296
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-3.3||LOW
EPSS-2.13% / 79.67%
||
7 Day CHG~0.00%
Published-16 Aug, 2012 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in epan/dissectors/packet-rtps2.c in the RTPS2 dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (CPU consumption) via a malformed packet.

Action-Not Available
Vendor-n/aWireshark FoundationopenSUSESun Microsystems (Oracle Corporation)
Product-wiresharksunosopensusen/a
CVE-2012-2394
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-3.3||LOW
EPSS-3.98% / 89.22%
||
7 Day CHG~0.00%
Published-30 Jun, 2012 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 on the SPARC and Itanium platforms does not properly perform data alignment for a certain structure member, which allows remote attackers to cause a denial of service (application crash) via a (1) ICMP or (2) ICMPv6 Echo Request packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2012-2393
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-3.3||LOW
EPSS-3.77% / 88.62%
||
7 Day CHG~0.00%
Published-30 Jun, 2012 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

epan/dissectors/packet-diameter.c in the DIAMETER dissector in Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 does not properly construct certain array data structures, which allows remote attackers to cause a denial of service (application crash) via a crafted packet that triggers incorrect memory allocation.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2012-2392
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-3.3||LOW
EPSS-3.47% / 87.62%
||
7 Day CHG~0.00%
Published-30 Jun, 2012 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 allows remote attackers to cause a denial of service (infinite loop) via vectors related to the (1) ANSI MAP, (2) ASF, (3) IEEE 802.11, (4) IEEE 802.3, and (5) LTP dissectors.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CVE-2012-1594
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-3.3||LOW
EPSS-1.58% / 72.57%
||
7 Day CHG~0.00%
Published-11 Apr, 2012 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

epan/dissectors/packet-ieee80211.c in the IEEE 802.11 dissector in Wireshark 1.6.x before 1.6.6 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2012-1593
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-3.3||LOW
EPSS-11.29% / 95.44%
||
7 Day CHG~0.00%
Published-11 Apr, 2012 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

epan/dissectors/packet-ansi_a.c in the ANSI A dissector in Wireshark 1.4.x before 1.4.12 and 1.6.x before 1.6.6 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CVE-2010-2286
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-3.3||LOW
EPSS-1.12% / 62.18%
||
7 Day CHG~0.00%
Published-15 Jun, 2010 | 01:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.7 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CVE-2010-2283
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-3.3||LOW
EPSS-1.12% / 62.18%
||
7 Day CHG~0.00%
Published-15 Jun, 2010 | 01:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The SMB dissector in Wireshark 0.99.6 through 1.0.13, and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (NULL pointer dereference) via unknown vectors.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CVE-2007-6441
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-3.3||LOW
EPSS-1.00% / 58.57%
||
7 Day CHG~0.00%
Published-19 Dec, 2007 | 22:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The WiMAX dissector in Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (crash) via unknown vectors related to "unaligned access on some platforms."

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CVE-2013-2480
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-3.3||LOW
EPSS-1.05% / 60.17%
||
7 Day CHG~0.00%
Published-07 Mar, 2013 | 15:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The RTPS and RTPS2 dissectors in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allow remote attackers to cause a denial of service (application crash) via a malformed packet.

Action-Not Available
Vendor-n/aWireshark FoundationopenSUSEDebian GNU/Linux
Product-debian_linuxwiresharkopensusen/a
CVE-2013-2484
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-3.3||LOW
EPSS-1.05% / 60.17%
||
7 Day CHG~0.00%
Published-07 Mar, 2013 | 15:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The CIMD dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (application crash) via a malformed packet.

Action-Not Available
Vendor-n/aWireshark FoundationopenSUSEDebian GNU/Linux
Product-debian_linuxwiresharkopensusen/a
CVE-2012-3825
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-3.3||LOW
EPSS-3.35% / 87.21%
||
7 Day CHG~0.00%
Published-30 Jun, 2012 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple integer overflows in Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 allow remote attackers to cause a denial of service (infinite loop) via vectors related to the (1) BACapp and (2) Bluetooth HCI dissectors, a different vulnerability than CVE-2012-2392.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CVE-2013-2478
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-3.3||LOW
EPSS-1.08% / 61.03%
||
7 Day CHG~0.00%
Published-07 Mar, 2013 | 15:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The dissect_server_info function in epan/dissectors/packet-ms-mms.c in the MS-MMS dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 does not properly manage string lengths, which allows remote attackers to cause a denial of service (application crash) via a malformed packet that (1) triggers an integer overflow or (2) has embedded '\0' characters in a string.

Action-Not Available
Vendor-n/aWireshark FoundationopenSUSEDebian GNU/Linux
Product-debian_linuxwiresharkopensusen/a
CVE-2013-2479
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-3.3||LOW
EPSS-1.05% / 60.17%
||
7 Day CHG~0.00%
Published-07 Mar, 2013 | 15:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The dissect_mpls_echo_tlv_dd_map function in epan/dissectors/packet-mpls-echo.c in the MPLS Echo dissector in Wireshark 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via invalid Sub-tlv data.

Action-Not Available
Vendor-n/aWireshark FoundationopenSUSE
Product-wiresharkopensusen/a
CVE-2013-2477
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-3.3||LOW
EPSS-0.99% / 58.30%
||
7 Day CHG~0.00%
Published-07 Mar, 2013 | 15:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The CSN.1 dissector in Wireshark 1.8.x before 1.8.6 does not properly manage function pointers, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.

Action-Not Available
Vendor-n/aWireshark FoundationopenSUSE
Product-wiresharkopensusen/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2013-2475
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-3.3||LOW
EPSS-1.14% / 62.70%
||
7 Day CHG~0.00%
Published-07 Mar, 2013 | 15:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The TCP dissector in Wireshark 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (application crash) via a malformed packet.

Action-Not Available
Vendor-n/aWireshark FoundationopenSUSE
Product-wiresharkopensusen/a
CVE-2012-4291
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-3.3||LOW
EPSS-1.19% / 64.28%
||
7 Day CHG~0.00%
Published-16 Aug, 2012 | 10:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The CIP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (memory consumption) via a malformed packet.

Action-Not Available
Vendor-n/aWireshark FoundationopenSUSESun Microsystems (Oracle Corporation)Red Hat, Inc.
Product-opensusewiresharksunosenterprise_linuxn/a
CVE-2010-2285
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-3.3||LOW
EPSS-1.13% / 62.43%
||
7 Day CHG~0.00%
Published-15 Jun, 2010 | 01:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The SMB PIPE dissector in Wireshark 0.8.20 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (NULL pointer dereference) via unknown vectors.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CVE-2020-7045
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.5||MEDIUM
EPSS-1.46% / 70.32%
||
7 Day CHG~0.00%
Published-16 Jan, 2020 | 03:07
Updated-04 Aug, 2024 | 09:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Wireshark 3.0.x before 3.0.8, the BT ATT dissector could crash. This was addressed in epan/dissectors/packet-btatt.c by validating opcodes.

Action-Not Available
Vendor-n/aWireshark FoundationDebian GNU/Linux
Product-wiresharkdebian_linuxn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2014-2281
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-2.96% / 85.55%
||
7 Day CHG+0.02%
Published-11 Mar, 2014 | 01:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The nfs_name_snoop_add_name function in epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 does not validate a certain length value, which allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted NFS packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-7112
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-2.31% / 81.25%
||
7 Day CHG~0.00%
Published-19 Dec, 2013 | 22:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The dissect_sip_common function in epan/dissectors/packet-sip.c in the SIP dissector in Wireshark 1.8.x before 1.8.12 and 1.10.x before 1.10.4 does not check for empty lines, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-6339
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-1.99% / 78.20%
||
7 Day CHG~0.00%
Published-04 Nov, 2013 | 15:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The dissect_openwire_type function in epan/dissectors/packet-openwire.c in the OpenWire dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 allows remote attackers to cause a denial of service (loop) via a crafted packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-6340
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-1.67% / 74.00%
||
7 Day CHG~0.00%
Published-04 Nov, 2013 | 15:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

epan/dissectors/packet-tcp.c in the TCP dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 does not properly determine the amount of remaining data, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-6336
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-1.93% / 77.59%
||
7 Day CHG~0.00%
Published-04 Nov, 2013 | 15:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ieee802154_map_rec function in epan/dissectors/packet-ieee802154.c in the IEEE 802.15.4 dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 uses an incorrect pointer chain, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-5717
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-1.88% / 76.98%
||
7 Day CHG~0.00%
Published-13 Sep, 2013 | 18:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Bluetooth HCI ACL dissector in Wireshark 1.10.x before 1.10.2 does not properly maintain a certain free list, which allows remote attackers to cause a denial of service (application crash) via a crafted packet that is not properly handled by the wmem_block_alloc function in epan/wmem/wmem_allocator_block.c.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-5721
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-4.3||MEDIUM
EPSS-1.68% / 74.18%
||
7 Day CHG~0.00%
Published-13 Sep, 2013 | 18:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The dissect_mq_rr function in epan/dissectors/packet-mq.c in the MQ dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 does not properly determine when to enter a certain loop, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-4932
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-3.27% / 86.89%
||
7 Day CHG~0.00%
Published-29 Jul, 2013 | 19:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple array index errors in epan/dissectors/packet-gsm_a_common.c in the GSM A Common dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 allow remote attackers to cause a denial of service (application crash) via a crafted packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-4078
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-3.40% / 87.39%
||
7 Day CHG~0.00%
Published-09 Jun, 2013 | 21:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

epan/dissectors/packet-rdp.c in the RDP dissector in Wireshark 1.8.x before 1.8.8 does not validate return values during checks for data availability, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

Action-Not Available
Vendor-n/aWireshark FoundationopenSUSEDebian GNU/Linux
Product-debian_linuxwiresharkopensusen/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-4083
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-3.28% / 86.92%
||
7 Day CHG~0.00%
Published-09 Jun, 2013 | 21:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The dissect_pft function in epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.6.x before 1.6.16, 1.8.x before 1.8.8, and 1.10.0 does not validate a certain fragment length value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-3556
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-2.82% / 84.86%
||
7 Day CHG~0.00%
Published-25 May, 2013 | 01:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The fragment_add_seq_common function in epan/reassemble.c in the ASN.1 BER dissector in Wireshark before r48943 has an incorrect pointer dereference during a comparison, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.

Action-Not Available
Vendor-n/aWireshark FoundationopenSUSEDebian GNU/Linux
Product-debian_linuxwiresharkopensusen/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-3555
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-2.40% / 82.02%
||
7 Day CHG~0.00%
Published-25 May, 2013 | 01:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

epan/dissectors/packet-gtpv2.c in the GTPv2 dissector in Wireshark 1.8.x before 1.8.7 calls incorrect functions in certain contexts related to ciphers, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.

Action-Not Available
Vendor-n/aWireshark FoundationopenSUSEDebian GNU/Linux
Product-debian_linuxwiresharkopensusen/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-1577
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-2.9||LOW
EPSS-0.73% / 49.69%
||
7 Day CHG~0.00%
Published-03 Feb, 2013 | 01:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The dissect_sip_p_charging_func_addresses function in epan/dissectors/packet-sip.c in the SIP dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle offset data associated with a quoted string, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-1573
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-2.9||LOW
EPSS-0.73% / 49.69%
||
7 Day CHG~0.00%
Published-03 Feb, 2013 | 01:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The csnStreamDissector function in epan/dissectors/packet-csn1.c in the CSN.1 dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle a large number of padding bits, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-1572
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-2.9||LOW
EPSS-0.73% / 49.69%
||
7 Day CHG~0.00%
Published-03 Feb, 2013 | 01:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The dissect_oampdu_event_notification function in epan/dissectors/packet-slowprotocols.c in the IEEE 802.3 Slow Protocols dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle certain short lengths, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-1574
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-2.9||LOW
EPSS-0.73% / 49.69%
||
7 Day CHG~0.00%
Published-03 Feb, 2013 | 01:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The dissect_bthci_eir_ad_data function in epan/dissectors/packet-bthci_cmd.c in the Bluetooth HCI dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 uses an incorrect data type for a counter variable, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-1583
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-2.9||LOW
EPSS-0.74% / 50.08%
||
7 Day CHG~0.00%
Published-03 Feb, 2013 | 01:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The dissect_version_4_primary_header function in epan/dissectors/packet-dtn.c in the DTN dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 accesses an inappropriate pointer, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-1578
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-2.9||LOW
EPSS-0.73% / 49.69%
||
7 Day CHG~0.00%
Published-03 Feb, 2013 | 01:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The dissect_pw_eth_heuristic function in epan/dissectors/packet-pw-eth.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle apparent Ethernet address values at the beginning of MPLS data, which allows remote attackers to cause a denial of service (loop) via a malformed packet.

Action-Not Available
Vendor-n/aWireshark Foundation
Product-wiresharkn/a
CWE ID-CWE-20
Improper Input Validation
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • Next
Details not found