| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complex
ity
|
Authen
tication
|
Confiden
tiality
|
Integrity
|
Availa
bility
|
|
1 |
CVE-2012-1596 |
399 |
|
DoS |
2012-04-11 |
2012-04-11 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The mp2t_process_fragmented_payload function in epan/dissectors/packet-mp2t.c in the MP2T dissector in Wireshark 1.4.x before 1.4.12 and 1.6.x before 1.6.6 allows remote attackers to cause a denial of service (application crash) via a packet containing an invalid pointer value that triggers an incorrect memory-allocation attempt. |
|
2 |
CVE-2012-1595 |
399 |
|
DoS |
2012-04-11 |
2012-04-11 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
The pcap_process_pseudo_header function in wiretap/pcap-common.c in Wireshark 1.4.x before 1.4.12 and 1.6.x before 1.6.6 allows remote attackers to cause a denial of service (application crash) via a WTAP_ENCAP_ERF file containing an Extension or Multi-Channel header with an invalid pseudoheader size, related to the pcap and pcap-ng file parsers. |
|
3 |
CVE-2012-1594 |
94 |
|
DoS |
2012-04-11 |
2012-04-11 |
3.3 |
None |
Local Network |
Low |
Not required |
None |
None |
Partial |
|
epan/dissectors/packet-ieee80211.c in the IEEE 802.11 dissector in Wireshark 1.6.x before 1.6.6 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet. |
|
4 |
CVE-2012-1593 |
|
|
DoS |
2012-04-11 |
2012-04-11 |
3.3 |
None |
Local Network |
Low |
Not required |
None |
None |
Partial |
|
epan/dissectors/packet-ansi_a.c in the ANSI A dissector in Wireshark 1.4.x before 1.4.12 and 1.6.x before 1.6.6 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed packet. |
|
5 |
CVE-2012-0068 |
20 |
|
DoS |
2012-04-11 |
2012-04-11 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
The lanalyzer_read function in wiretap/lanalyzer.c in Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows remote attackers to cause a denial of service (application crash) via a Novell catpure file containing a record that is too small. |
|
6 |
CVE-2012-0067 |
20 |
|
DoS |
2012-04-11 |
2012-04-11 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
wiretap/iptrace.c in Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows remote attackers to cause a denial of service (application crash) via a long packet in an AIX iptrace file. |
|
7 |
CVE-2012-0066 |
20 |
|
DoS |
2012-04-11 |
2012-04-11 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows remote attackers to cause a denial of service (application crash) via a long packet in a (1) Accellent 5Views (aka .5vw) file, (2) I4B trace file, or (3) NETMON 2 capture file. |
|
8 |
CVE-2012-0043 |
119 |
|
DoS Exec Code Overflow |
2012-04-11 |
2012-04-11 |
5.8 |
None |
Local Network |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in the reassemble_message function in epan/dissectors/packet-rlc.c in the RLC dissector in Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a series of fragmented RLC packets. |
|
9 |
CVE-2012-0042 |
|
|
DoS |
2012-04-11 |
2012-04-11 |
2.9 |
None |
Local Network |
Medium |
Not required |
None |
None |
Partial |
|
Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 does not properly perform certain string conversions, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet, related to epan/to_str.c. |
|
10 |
CVE-2012-0041 |
20 |
|
DoS |
2012-04-11 |
2012-04-11 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
The dissect_packet function in epan/packet.c in Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows remote attackers to cause a denial of service (application crash) via a long packet in a capture file, as demonstrated by an airopeek file. |
|
11 |
CVE-2011-4102 |
119 |
|
DoS Overflow |
2011-11-03 |
2012-02-14 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
Heap-based buffer overflow in the erf_read_header function in wiretap/erf.c in the ERF file parser in Wireshark 1.4.0 through 1.4.9 and 1.6.x before 1.6.3 allows remote attackers to cause a denial of service (application crash) via a malformed file. |
|
12 |
CVE-2011-4101 |
|
|
DoS |
2011-11-03 |
2011-11-16 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
The dissect_infiniband_common function in epan/dissectors/packet-infiniband.c in the Infiniband dissector in Wireshark 1.4.0 through 1.4.9 and 1.6.x before 1.6.3 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed packet. |
|
13 |
CVE-2011-4100 |
399 |
|
DoS |
2011-11-03 |
2011-11-16 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
The csnStreamDissector function in epan/dissectors/packet-csn1.c in the CSN.1 dissector in Wireshark 1.6.x before 1.6.3 does not initialize a certain variable, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. |
|
14 |
CVE-2011-3484 |
20 |
|
DoS |
2011-09-20 |
2011-10-25 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
The unxorFrame function in epan/dissectors/packet-opensafety.c in the OpenSafety dissector in Wireshark 1.6.x before 1.6.2 does not properly validate a certain frame size, which allows remote attackers to cause a denial of service (loop and application crash) via a malformed packet. |
|
15 |
CVE-2011-3483 |
119 |
|
DoS Overflow |
2011-09-20 |
2011-10-25 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
Wireshark 1.6.x before 1.6.2 allows remote attackers to cause a denial of service (application crash) via a malformed capture file that leads to an invalid root tvbuff, related to a "buffer exception handling vulnerability." |
|
16 |
CVE-2011-3482 |
399 |
|
DoS |
2011-09-20 |
2011-10-25 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
The csnStreamDissector function in epan/dissectors/packet-csn1.c in the CSN.1 dissector in Wireshark 1.6.x before 1.6.2 does not initialize a certain structure member, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. |
|
17 |
CVE-2011-3360 |
|
|
+Priv |
2011-09-20 |
2011-10-25 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Untrusted search path vulnerability in Wireshark 1.4.x before 1.4.9 and 1.6.x before 1.6.2 allows local users to gain privileges via a Trojan horse Lua script in an unspecified directory. |
|
18 |
CVE-2011-3266 |
399 |
|
DoS |
2011-08-23 |
2012-02-27 |
2.6 |
None |
Remote |
High |
Not required |
None |
None |
Partial |
|
The proto_tree_add_item function in Wireshark 1.6.0 through 1.6.1 and 1.4.0 through 1.4.8, when the IKEv1 protocol dissector is used, allows user-assisted remote attackers to cause a denial of service (infinite loop) via vectors involving a malformed IKE packet and many items in a tree. |
|
19 |
CVE-2011-2698 |
189 |
|
DoS |
2011-08-23 |
2011-08-25 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
Off-by-one error in the elem_cell_id_aux function in epan/dissectors/packet-ansi_a.c in the ANSI MAP dissector in Wireshark 1.4.x before 1.4.8 and 1.6.x before 1.6.1 allows remote attackers to cause a denial of service (infinite loop) via an invalid packet. |
|
20 |
CVE-2011-2597 |
399 |
|
DoS |
2011-07-07 |
2012-01-18 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
The Lucent/Ascend file parser in Wireshark 1.2.x before 1.2.18, 1.4.x through 1.4.7, and 1.6.0 allows remote attackers to cause a denial of service (infinite loop) via malformed packets. |
|
21 |
CVE-2011-2175 |
189 |
|
DoS |
2011-06-06 |
2011-09-06 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
Integer underflow in the visual_read function in wiretap/visual.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service (application crash) via a malformed Visual Networks file that triggers a heap-based buffer over-read. |
|
22 |
CVE-2011-2174 |
399 |
|
DoS |
2011-06-06 |
2011-09-06 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
Double free vulnerability in the tvb_uncompress function in epan/tvbuff.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service (application crash) via a packet with malformed data that uses zlib compression. |
|
23 |
CVE-2011-1959 |
119 |
|
DoS Overflow |
2011-06-06 |
2011-09-06 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
The snoop_read function in wiretap/snoop.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 does not properly handle certain virtualizable buffers, which allows remote attackers to cause a denial of service (application crash) via a large length value in a snoop file that triggers a stack-based buffer over-read. |
|
24 |
CVE-2011-1958 |
|
|
DoS |
2011-06-06 |
2011-09-06 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows user-assisted remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted Diameter dictionary file. |
|
25 |
CVE-2011-1957 |
399 |
|
DoS |
2011-06-06 |
2011-09-06 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
The dissect_dcm_main function in epan/dissectors/packet-dcm.c in the DICOM dissector in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service (infinite loop) via an invalid PDU length. |
|
26 |
CVE-2011-1956 |
|
|
DoS |
2011-06-06 |
2011-06-15 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
The bytes_repr_len function in Wireshark 1.4.5 uses an incorrect pointer argument, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via arbitrary TCP traffic. |
|
27 |
CVE-2011-1592 |
189 |
|
DoS |
2011-04-29 |
2011-09-06 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
The NFS dissector in epan/dissectors/packet-nfs.c in Wireshark 1.4.x before 1.4.5 on Windows uses an incorrect integer data type during decoding of SETCLIENTID calls, which allows remote attackers to cause a denial of service (application crash) via a crafted .pcap file. |
|
28 |
CVE-2011-1591 |
119 |
2
|
Exec Code Overflow |
2011-04-29 |
2011-09-06 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Stack-based buffer overflow in the DECT dissector in epan/dissectors/packet-dect.c in Wireshark 1.4.x before 1.4.5 allows remote attackers to execute arbitrary code via a crafted .pcap file. |
|
29 |
CVE-2011-1590 |
399 |
|
DoS |
2011-04-29 |
2011-09-06 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
The X.509if dissector in Wireshark 1.2.x before 1.2.16 and 1.4.x before 1.4.5 does not properly initialize certain global variables, which allows remote attackers to cause a denial of service (application crash) via a crafted .pcap file. |
|
30 |
CVE-2011-1143 |
|
|
DoS |
2011-03-02 |
2011-09-06 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
epan/dissectors/packet-ntlmssp.c in the NTLMSSP dissector in Wireshark before 1.4.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted .pcap file. |
|
31 |
CVE-2011-1142 |
399 |
|
DoS |
2011-03-02 |
2011-04-08 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Stack consumption vulnerability in the dissect_ber_choice function in the BER dissector in Wireshark 1.2.x through 1.2.15 and 1.4.x through 1.4.4 might allow remote attackers to cause a denial of service (infinite loop) via vectors involving self-referential ASN.1 CHOICE values. |
|
32 |
CVE-2011-1141 |
399 |
|
DoS |
2011-03-02 |
2011-09-06 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
epan/dissectors/packet-ldap.c in Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (memory consumption) via (1) a long LDAP filter string or (2) an LDAP filter string containing many elements. |
|
33 |
CVE-2011-1140 |
399 |
|
DoS |
2011-03-02 |
2011-09-06 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
Multiple stack consumption vulnerabilities in the dissect_ms_compressed_string and dissect_mscldap_string functions in Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3 allow remote attackers to cause a denial of service (infinite recursion) via a crafted (1) SMB or (2) Connection-less LDAP (CLDAP) packet. |
|
34 |
CVE-2011-1139 |
399 |
|
DoS |
2011-03-02 |
2011-09-06 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
wiretap/pcapng.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (application crash) via a pcap-ng file that contains a large packet-length field. |
|
35 |
CVE-2011-1138 |
189 |
|
DoS |
2011-03-02 |
2011-09-06 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
Off-by-one error in the dissect_6lowpan_iphc function in packet-6lowpan.c in Wireshark 1.4.0 through 1.4.3 on 32-bit platforms allows remote attackers to cause a denial of service (application crash) via a malformed 6LoWPAN IPv6 packet. |
|
36 |
CVE-2011-0713 |
119 |
|
DoS Overflow |
2011-03-02 |
2011-09-06 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Heap-based buffer overflow in wiretap/dct3trace.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long record in a Nokia DCT3 trace file. |
|
37 |
CVE-2011-0538 |
119 |
|
DoS Overflow Mem. Corr. |
2011-02-08 |
2011-09-07 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Wireshark 1.2.0 through 1.2.14, 1.4.0 through 1.4.3, and 1.5.0 frees an uninitialized pointer during processing of a .pcap file in the pcap-ng format, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a malformed file. |
|
38 |
CVE-2011-0445 |
399 |
|
DoS |
2011-01-12 |
2011-02-12 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The ASN.1 BER dissector in Wireshark 1.4.0 through 1.4.2 allows remote attackers to cause a denial of service (assertion failure) via crafted packets, as demonstrated by fuzz-2010-12-30-28473.pcap. |
|
39 |
CVE-2011-0444 |
119 |
|
DoS Exec Code Overflow |
2011-01-12 |
2011-04-08 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in the MAC-LTE dissector (epan/dissectors/packet-mac-lte.c) in Wireshark 1.2.0 through 1.2.13 and 1.4.0 through 1.4.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of RARs. |
|
40 |
CVE-2011-0024 |
119 |
|
DoS Exec Code Overflow |
2011-03-28 |
2011-03-29 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Heap-based buffer overflow in wiretap/pcapng.c in Wireshark before 1.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted capture file. |
|
41 |
CVE-2010-4538 |
119 |
|
DoS Exec Code Overflow |
2011-01-07 |
2011-01-20 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in the sect_enttec_dmx_da function in epan/dissectors/packet-enttec.c in Wireshark 1.4.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted ENTTEC DMX packet with Run Length Encoding (RLE) compression. |
|
42 |
CVE-2010-4301 |
399 |
1
|
DoS |
2010-11-26 |
2011-02-17 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
epan/dissectors/packet-zbee-zcl.c in the ZigBee ZCL dissector in Wireshark 1.4.0 through 1.4.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted ZCL packet, related to Discover Attributes. |
|
43 |
CVE-2010-4300 |
119 |
1
|
DoS Exec Code Overflow Mem. Corr. |
2010-11-26 |
2011-02-23 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Heap-based buffer overflow in the dissect_ldss_transfer function (epan/dissectors/packet-ldss.c) in the LDSS dissector in Wireshark 1.2.0 through 1.2.12 and 1.4.0 through 1.4.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an LDSS packet with a long digest line that triggers memory corruption. |
|
44 |
CVE-2010-3445 |
399 |
|
DoS |
2010-11-26 |
2011-09-06 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Stack consumption vulnerability in the dissect_ber_unknown function in epan/dissectors/packet-ber.c in the BER dissector in Wireshark 1.4.x before 1.4.1 and 1.2.x before 1.2.12 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a long string in an unknown ASN.1/BER encoded packet, as demonstrated using SNMP. |
|
45 |
CVE-2010-3133 |
|
1
|
Exec Code |
2010-08-26 |
2011-07-19 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Untrusted search path vulnerability in Wireshark 0.8.4 through 1.0.15 and 1.2.0 through 1.2.10 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse airpcap.dll, and possibly other DLLs, that is located in the same folder as a file that automatically launches Wireshark. |
|
46 |
CVE-2010-2995 |
189 |
|
DoS Exec Code Overflow |
2010-08-13 |
2011-02-17 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
The SigComp Universal Decompressor Virtual Machine (UDVM) in Wireshark 0.10.8 through 1.0.14 and 1.2.0 through 1.2.9 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to sigcomp-udvm.c and an off-by-one error, which triggers a buffer overflow, different vulnerabilities than CVE-2010-2287. |
|
47 |
CVE-2010-2994 |
119 |
|
Overflow |
2010-08-13 |
2011-02-17 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Stack-based buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through 1.0.14 and 1.2.0 through 1.2.9 has unknown impact and remote attack vectors. NOTE: this issue exists because of a CVE-2010-2284 regression. |
|
48 |
CVE-2010-2993 |
20 |
|
DoS |
2010-08-13 |
2011-02-17 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The IPMI dissector in Wireshark 1.2.0 through 1.2.9 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors. |
|
49 |
CVE-2010-2992 |
|
|
DoS |
2010-08-13 |
2011-02-17 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
packet-gsm_a_rr.c in the GSM A RR dissector in Wireshark 1.2.2 through 1.2.9 allows remote attackers to cause a denial of service (crash) via unknown vectors that trigger a NULL pointer dereference. |
|
50 |
CVE-2010-2287 |
119 |
|
Overflow |
2010-06-15 |
2011-02-17 |
8.3 |
None |
Local Network |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in the SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.8 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors. |
