Wireshark : Security Vulnerabilities, CVEs, Published In 2011 (Overflow) CVSS score >= 4
Heap-based buffer overflow in the erf_read_header function in wiretap/erf.c in the ERF file parser in Wireshark 1.4.0 through 1.4.9 and 1.6.x before 1.6.3 allows remote attackers to cause a denial of service (application crash) via a malformed file.
Max CVSS
4.3
EPSS Score
0.30%
Published
2011-11-03
Updated
2017-09-19
Wireshark 1.6.x before 1.6.2 allows remote attackers to cause a denial of service (application crash) via a malformed capture file that leads to an invalid root tvbuff, related to a "buffer exception handling vulnerability."
Max CVSS
4.3
EPSS Score
1.22%
Published
2011-09-20
Updated
2017-09-19
The snoop_read function in wiretap/snoop.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 does not properly handle certain virtualizable buffers, which allows remote attackers to cause a denial of service (application crash) via a large length value in a snoop file that triggers a stack-based buffer over-read.
Max CVSS
4.3
EPSS Score
0.78%
Published
2011-06-06
Updated
2017-09-19
CVE-2011-1591
Public exploit
Stack-based buffer overflow in the DECT dissector in epan/dissectors/packet-dect.c in Wireshark 1.4.x before 1.4.5 allows remote attackers to execute arbitrary code via a crafted .pcap file.
Max CVSS
9.3
EPSS Score
96.38%
Published
2011-04-29
Updated
2017-09-19
Heap-based buffer overflow in wiretap/dct3trace.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long record in a Nokia DCT3 trace file.
Max CVSS
6.8
EPSS Score
0.38%
Published
2011-03-03
Updated
2023-02-13
Wireshark 1.2.0 through 1.2.14, 1.4.0 through 1.4.3, and 1.5.0 frees an uninitialized pointer during processing of a .pcap file in the pcap-ng format, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a malformed file.
Max CVSS
6.8
EPSS Score
5.08%
Published
2011-02-08
Updated
2017-09-19
Buffer overflow in the MAC-LTE dissector (epan/dissectors/packet-mac-lte.c) in Wireshark 1.2.0 through 1.2.13 and 1.4.0 through 1.4.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of RARs.
Max CVSS
10.0
EPSS Score
7.34%
Published
2011-01-13
Updated
2017-09-19
Heap-based buffer overflow in wiretap/pcapng.c in Wireshark before 1.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted capture file.
Max CVSS
9.3
EPSS Score
2.65%
Published
2011-03-28
Updated
2023-02-13
Buffer overflow in the sect_enttec_dmx_da function in epan/dissectors/packet-enttec.c in Wireshark 1.4.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted ENTTEC DMX packet with Run Length Encoding (RLE) compression.
Max CVSS
9.3
EPSS Score
90.70%
Published
2011-01-07
Updated
2017-09-19
9 vulnerabilities found