Wireshark : Security Vulnerabilities, CVEs, Published In 2009 (Overflow)
Buffer overflow in the daintree_sna_read function in the Daintree SNA file parser in Wireshark 1.2.0 through 1.2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet.
Max CVSS
9.3
EPSS Score
4.32%
Published
2009-12-21
Updated
2017-09-19
Integer overflow in wiretap/erf.c in Wireshark before 1.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted erf file, related to an "unsigned integer wrap vulnerability."
Max CVSS
9.3
EPSS Score
6.41%
Published
2009-10-30
Updated
2017-09-19
Buffer overflow in the IPMI dissector in Wireshark 1.2.0 allows remote attackers to cause a denial of service (crash) via unspecified vectors related to an array index error. NOTE: some of these details are obtained from third party information.
Max CVSS
5.0
EPSS Score
0.30%
Published
2009-07-21
Updated
2017-09-19
Format string vulnerability in the PROFINET/DCP (PN-DCP) dissector in Wireshark 1.0.6 and earlier allows remote attackers to execute arbitrary code via a PN-DCP packet with format string specifiers in the station name. NOTE: some of these details are obtained from third party information.
Max CVSS
10.0
EPSS Score
93.90%
Published
2009-04-01
Updated
2018-10-10
Format string vulnerability in Wireshark 0.99.8 through 1.0.5 on non-Windows platforms allows local users to cause a denial of service (application crash) via format string specifiers in the HOME environment variable.
Max CVSS
2.1
EPSS Score
0.05%
Published
2009-02-16
Updated
2018-10-10
Buffer overflow in wiretap/netscreen.c in Wireshark 0.99.7 through 1.0.5 allows user-assisted remote attackers to cause a denial of service (application crash) via a malformed NetScreen snoop file.
Max CVSS
5.0
EPSS Score
0.91%
Published
2009-02-16
Updated
2018-10-10
6 vulnerabilities found