| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2012-4296 |
399 |
|
DoS Overflow |
2012-08-16 |
2013-01-03 |
3.3 |
None |
Local Network |
Low |
Not required |
None |
None |
Partial |
|
Buffer overflow in epan/dissectors/packet-rtps2.c in the RTPS2 dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (CPU consumption) via a malformed packet. |
|
2 |
CVE-2012-4293 |
189 |
|
DoS |
2012-08-16 |
2012-09-07 |
3.3 |
None |
Local Network |
Low |
Not required |
None |
None |
Partial |
|
plugins/ethercat/packet-ecatmb.c in the EtherCAT Mailbox dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 does not properly handle certain integer fields, which allows remote attackers to cause a denial of service (application exit) via a malformed packet. |
|
3 |
CVE-2012-4292 |
20 |
|
DoS |
2012-08-16 |
2012-09-07 |
3.3 |
None |
Local Network |
Low |
Not required |
None |
None |
Partial |
|
The dissect_stun_message function in epan/dissectors/packet-stun.c in the STUN dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 does not properly interact with key-destruction behavior in a certain tree library, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. |
|
4 |
CVE-2012-4291 |
399 |
|
DoS |
2012-08-16 |
2013-02-06 |
3.3 |
None |
Local Network |
Low |
Not required |
None |
None |
Partial |
|
The CIP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (memory consumption) via a malformed packet. |
|
5 |
CVE-2012-4290 |
399 |
|
DoS |
2012-08-16 |
2013-02-06 |
3.3 |
None |
Local Network |
Low |
Not required |
None |
None |
Partial |
|
The CTDB dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop and CPU consumption) via a malformed packet. |
|
6 |
CVE-2012-4289 |
399 |
|
DoS |
2012-08-16 |
2013-02-06 |
3.3 |
None |
Local Network |
Low |
Not required |
None |
None |
Partial |
|
epan/dissectors/packet-afp.c in the AFP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop and CPU consumption) via a large number of ACL entries. |
|
7 |
CVE-2012-4288 |
189 |
|
DoS Overflow |
2012-08-16 |
2012-09-07 |
3.3 |
None |
Local Network |
Low |
Not required |
None |
None |
Partial |
|
Integer overflow in the dissect_xtp_ecntl function in epan/dissectors/packet-xtp.c in the XTP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop or application crash) via a large value for a span length. |
|
8 |
CVE-2012-4285 |
189 |
|
DoS |
2012-08-16 |
2013-02-06 |
3.3 |
None |
Local Network |
Low |
Not required |
None |
None |
Partial |
|
The dissect_pft function in epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a zero-length message. |
|
9 |
CVE-2012-4049 |
94 |
|
DoS |
2012-07-24 |
2012-09-07 |
2.9 |
None |
Local Network |
Medium |
Not required |
None |
None |
Partial |
|
epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.4.x before 1.4.14, 1.6.x before 1.6.9, and 1.8.x before 1.8.1 allows remote attackers to cause a denial of service (loop and CPU consumption) via a crafted packet. |
|
10 |
CVE-2012-4048 |
94 |
|
DoS |
2012-07-24 |
2013-01-03 |
3.3 |
None |
Local Network |
Low |
Not required |
None |
None |
Partial |
|
The PPP dissector in Wireshark 1.4.x before 1.4.14, 1.6.x before 1.6.9, and 1.8.x before 1.8.1 allows remote attackers to cause a denial of service (invalid pointer dereference and application crash) via a crafted packet, as demonstrated by a usbmon dump. |
|
11 |
CVE-2012-3826 |
189 |
|
DoS |
2012-06-30 |
2012-11-06 |
3.3 |
None |
Local Network |
Low |
Not required |
None |
None |
Partial |
|
Multiple integer underflows in Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 allow remote attackers to cause a denial of service (loop) via vectors related to the R3 dissector, a different vulnerability than CVE-2012-2392. |
|
12 |
CVE-2012-3825 |
189 |
|
DoS Overflow |
2012-06-30 |
2012-11-06 |
3.3 |
None |
Local Network |
Low |
Not required |
None |
None |
Partial |
|
Multiple integer overflows in Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 allow remote attackers to cause a denial of service (infinite loop) via vectors related to the (1) BACapp and (2) Bluetooth HCI dissectors, a different vulnerability than CVE-2012-2392. |
|
13 |
CVE-2012-2393 |
119 |
|
DoS Overflow |
2012-06-30 |
2012-11-06 |
3.3 |
None |
Local Network |
Low |
Not required |
None |
None |
Partial |
|
epan/dissectors/packet-diameter.c in the DIAMETER dissector in Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 does not properly construct certain array data structures, which allows remote attackers to cause a denial of service (application crash) via a crafted packet that triggers incorrect memory allocation. |
|
14 |
CVE-2012-2392 |
399 |
|
DoS |
2012-06-30 |
2012-11-06 |
3.3 |
None |
Local Network |
Low |
Not required |
None |
None |
Partial |
|
Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 allows remote attackers to cause a denial of service (infinite loop) via vectors related to the (1) ANSI MAP, (2) ASF, (3) IEEE 802.11, (4) IEEE 802.3, and (5) LTP dissectors. |
|
15 |
CVE-2012-1596 |
399 |
|
DoS |
2012-04-11 |
2012-11-06 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The mp2t_process_fragmented_payload function in epan/dissectors/packet-mp2t.c in the MP2T dissector in Wireshark 1.4.x before 1.4.12 and 1.6.x before 1.6.6 allows remote attackers to cause a denial of service (application crash) via a packet containing an invalid pointer value that triggers an incorrect memory-allocation attempt. |
|
16 |
CVE-2012-1595 |
399 |
|
DoS |
2012-04-11 |
2013-01-03 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
The pcap_process_pseudo_header function in wiretap/pcap-common.c in Wireshark 1.4.x before 1.4.12 and 1.6.x before 1.6.6 allows remote attackers to cause a denial of service (application crash) via a WTAP_ENCAP_ERF file containing an Extension or Multi-Channel header with an invalid pseudoheader size, related to the pcap and pcap-ng file parsers. |
|
17 |
CVE-2012-1593 |
|
|
DoS |
2012-04-11 |
2012-08-13 |
3.3 |
None |
Local Network |
Low |
Not required |
None |
None |
Partial |
|
epan/dissectors/packet-ansi_a.c in the ANSI A dissector in Wireshark 1.4.x before 1.4.12 and 1.6.x before 1.6.6 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed packet. |
|
18 |
CVE-2012-0068 |
20 |
|
DoS |
2012-04-11 |
2012-08-13 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
The lanalyzer_read function in wiretap/lanalyzer.c in Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows remote attackers to cause a denial of service (application crash) via a Novell catpure file containing a record that is too small. |
|
19 |
CVE-2012-0067 |
20 |
|
DoS |
2012-04-11 |
2013-02-06 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
wiretap/iptrace.c in Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows remote attackers to cause a denial of service (application crash) via a long packet in an AIX iptrace file. |
|
20 |
CVE-2012-0066 |
20 |
|
DoS |
2012-04-11 |
2013-02-06 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows remote attackers to cause a denial of service (application crash) via a long packet in a (1) Accellent 5Views (aka .5vw) file, (2) I4B trace file, or (3) NETMON 2 capture file. |
|
21 |
CVE-2012-0043 |
119 |
|
DoS Exec Code Overflow |
2012-04-11 |
2013-04-01 |
5.8 |
None |
Local Network |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in the reassemble_message function in epan/dissectors/packet-rlc.c in the RLC dissector in Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a series of fragmented RLC packets. |
|
22 |
CVE-2012-0042 |
|
|
DoS |
2012-04-11 |
2013-04-01 |
2.9 |
None |
Local Network |
Medium |
Not required |
None |
None |
Partial |
|
Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 does not properly perform certain string conversions, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet, related to epan/to_str.c. |
|
23 |
CVE-2012-0041 |
20 |
|
DoS |
2012-04-11 |
2013-02-06 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
The dissect_packet function in epan/packet.c in Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows remote attackers to cause a denial of service (application crash) via a long packet in a capture file, as demonstrated by an airopeek file. |
|
24 |
CVE-2011-4102 |
119 |
|
DoS Overflow |
2011-11-03 |
2013-02-06 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
Heap-based buffer overflow in the erf_read_header function in wiretap/erf.c in the ERF file parser in Wireshark 1.4.0 through 1.4.9 and 1.6.x before 1.6.3 allows remote attackers to cause a denial of service (application crash) via a malformed file. |
|
25 |
CVE-2011-4101 |
|
|
DoS |
2011-11-03 |
2012-08-13 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
The dissect_infiniband_common function in epan/dissectors/packet-infiniband.c in the Infiniband dissector in Wireshark 1.4.0 through 1.4.9 and 1.6.x before 1.6.3 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed packet. |
|
26 |
CVE-2011-3360 |
|
|
+Priv |
2011-09-20 |
2012-08-13 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Untrusted search path vulnerability in Wireshark 1.4.x before 1.4.9 and 1.6.x before 1.6.2 allows local users to gain privileges via a Trojan horse Lua script in an unspecified directory. |
|
27 |
CVE-2011-3266 |
399 |
|
DoS |
2011-08-23 |
2012-08-13 |
2.6 |
None |
Remote |
High |
Not required |
None |
None |
Partial |
|
The proto_tree_add_item function in Wireshark 1.6.0 through 1.6.1 and 1.4.0 through 1.4.8, when the IKEv1 protocol dissector is used, allows user-assisted remote attackers to cause a denial of service (infinite loop) via vectors involving a malformed IKE packet and many items in a tree. |
|
28 |
CVE-2011-2698 |
189 |
|
DoS |
2011-08-23 |
2013-02-06 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
Off-by-one error in the elem_cell_id_aux function in epan/dissectors/packet-ansi_a.c in the ANSI MAP dissector in Wireshark 1.4.x before 1.4.8 and 1.6.x before 1.6.1 allows remote attackers to cause a denial of service (infinite loop) via an invalid packet. |
|
29 |
CVE-2011-2597 |
399 |
|
DoS |
2011-07-07 |
2013-01-03 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
The Lucent/Ascend file parser in Wireshark 1.2.x before 1.2.18, 1.4.x through 1.4.7, and 1.6.0 allows remote attackers to cause a denial of service (infinite loop) via malformed packets. |
|
30 |
CVE-2011-2175 |
189 |
|
DoS |
2011-06-06 |
2013-02-06 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
Integer underflow in the visual_read function in wiretap/visual.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service (application crash) via a malformed Visual Networks file that triggers a heap-based buffer over-read. |
|
31 |
CVE-2011-2174 |
399 |
|
DoS |
2011-06-06 |
2013-01-03 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
Double free vulnerability in the tvb_uncompress function in epan/tvbuff.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service (application crash) via a packet with malformed data that uses zlib compression. |
|
32 |
CVE-2011-1959 |
119 |
|
DoS Overflow |
2011-06-06 |
2013-02-06 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
The snoop_read function in wiretap/snoop.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 does not properly handle certain virtualizable buffers, which allows remote attackers to cause a denial of service (application crash) via a large length value in a snoop file that triggers a stack-based buffer over-read. |
|
33 |
CVE-2011-1958 |
|
|
DoS |
2011-06-06 |
2013-02-06 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows user-assisted remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted Diameter dictionary file. |
|
34 |
CVE-2011-1957 |
399 |
|
DoS |
2011-06-06 |
2013-01-03 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
The dissect_dcm_main function in epan/dissectors/packet-dcm.c in the DICOM dissector in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service (infinite loop) via an invalid PDU length. |
|
35 |
CVE-2011-1592 |
189 |
|
DoS |
2011-04-29 |
2012-08-13 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
The NFS dissector in epan/dissectors/packet-nfs.c in Wireshark 1.4.x before 1.4.5 on Windows uses an incorrect integer data type during decoding of SETCLIENTID calls, which allows remote attackers to cause a denial of service (application crash) via a crafted .pcap file. |
|
36 |
CVE-2011-1591 |
119 |
2
|
Exec Code Overflow |
2011-04-29 |
2012-08-13 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Stack-based buffer overflow in the DECT dissector in epan/dissectors/packet-dect.c in Wireshark 1.4.x before 1.4.5 allows remote attackers to execute arbitrary code via a crafted .pcap file. |
|
37 |
CVE-2011-1590 |
399 |
|
DoS |
2011-04-29 |
2013-01-03 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
The X.509if dissector in Wireshark 1.2.x before 1.2.16 and 1.4.x before 1.4.5 does not properly initialize certain global variables, which allows remote attackers to cause a denial of service (application crash) via a crafted .pcap file. |
|
38 |
CVE-2011-1143 |
|
|
DoS |
2011-03-02 |
2013-01-03 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
epan/dissectors/packet-ntlmssp.c in the NTLMSSP dissector in Wireshark before 1.4.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted .pcap file. |
|
39 |
CVE-2011-1142 |
399 |
|
DoS |
2011-03-02 |
2012-08-13 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Stack consumption vulnerability in the dissect_ber_choice function in the BER dissector in Wireshark 1.2.x through 1.2.15 and 1.4.x through 1.4.4 might allow remote attackers to cause a denial of service (infinite loop) via vectors involving self-referential ASN.1 CHOICE values. |
|
40 |
CVE-2011-1141 |
399 |
|
DoS |
2011-03-02 |
2012-08-13 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
epan/dissectors/packet-ldap.c in Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (memory consumption) via (1) a long LDAP filter string or (2) an LDAP filter string containing many elements. |
|
41 |
CVE-2011-1140 |
399 |
|
DoS |
2011-03-02 |
2012-08-13 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
Multiple stack consumption vulnerabilities in the dissect_ms_compressed_string and dissect_mscldap_string functions in Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3 allow remote attackers to cause a denial of service (infinite recursion) via a crafted (1) SMB or (2) Connection-less LDAP (CLDAP) packet. |
|
42 |
CVE-2011-1139 |
399 |
|
DoS |
2011-03-02 |
2012-08-13 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
wiretap/pcapng.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (application crash) via a pcap-ng file that contains a large packet-length field. |
|
43 |
CVE-2011-1138 |
189 |
|
DoS |
2011-03-02 |
2011-09-06 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
Off-by-one error in the dissect_6lowpan_iphc function in packet-6lowpan.c in Wireshark 1.4.0 through 1.4.3 on 32-bit platforms allows remote attackers to cause a denial of service (application crash) via a malformed 6LoWPAN IPv6 packet. |
|
44 |
CVE-2011-0713 |
119 |
|
DoS Overflow |
2011-03-02 |
2012-08-13 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Heap-based buffer overflow in wiretap/dct3trace.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long record in a Nokia DCT3 trace file. |
|
45 |
CVE-2011-0538 |
119 |
|
DoS Overflow Mem. Corr. |
2011-02-08 |
2012-08-13 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Wireshark 1.2.0 through 1.2.14, 1.4.0 through 1.4.3, and 1.5.0 frees an uninitialized pointer during processing of a .pcap file in the pcap-ng format, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a malformed file. |
|
46 |
CVE-2011-0445 |
399 |
|
DoS |
2011-01-12 |
2012-08-13 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The ASN.1 BER dissector in Wireshark 1.4.0 through 1.4.2 allows remote attackers to cause a denial of service (assertion failure) via crafted packets, as demonstrated by fuzz-2010-12-30-28473.pcap. |
|
47 |
CVE-2011-0444 |
119 |
|
DoS Exec Code Overflow |
2011-01-12 |
2012-08-13 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in the MAC-LTE dissector (epan/dissectors/packet-mac-lte.c) in Wireshark 1.2.0 through 1.2.13 and 1.4.0 through 1.4.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of RARs. |
|
48 |
CVE-2010-4301 |
399 |
1
|
DoS |
2010-11-26 |
2012-08-13 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
epan/dissectors/packet-zbee-zcl.c in the ZigBee ZCL dissector in Wireshark 1.4.0 through 1.4.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted ZCL packet, related to Discover Attributes. |
|
49 |
CVE-2010-4300 |
119 |
1
|
DoS Exec Code Overflow Mem. Corr. |
2010-11-26 |
2012-08-13 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Heap-based buffer overflow in the dissect_ldss_transfer function (epan/dissectors/packet-ldss.c) in the LDSS dissector in Wireshark 1.2.0 through 1.2.12 and 1.4.0 through 1.4.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an LDSS packet with a long digest line that triggers memory corruption. |
