Wireshark : Security Vulnerabilities, CVEs, Published In May 2013 (Overflow)
The dissect_dsmcc_un_download function in epan/dissectors/packet-mpeg-dsmcc.c in the MPEG DSM-CC dissector in Wireshark 1.8.x before 1.8.7 uses an incorrect format string, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.
Max CVSS
5.0
EPSS Score
4.72%
Published
2013-05-25
Updated
2018-10-30
epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.8.x before 1.8.7 uses incorrect integer data types, which allows remote attackers to cause a denial of service (integer overflow, and heap memory corruption or NULL pointer dereference, and application crash) via a malformed packet.
Max CVSS
5.0
EPSS Score
1.18%
Published
2013-05-25
Updated
2018-10-30
The dissect_ber_choice function in epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.6.x before 1.6.15 and 1.8.x before 1.8.7 does not properly initialize a certain variable, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.
Max CVSS
5.0
EPSS Score
0.69%
Published
2013-05-25
Updated
2018-10-30
3 vulnerabilities found