Vulnerabilities > Opensuse > Opensuse > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2012-08-16 | CVE-2012-4285 | Numeric Errors vulnerability in multiple products The dissect_pft function in epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a zero-length message. | 3.3 |
| 2012-08-16 | CVE-2012-4288 | Numeric Errors vulnerability in multiple products Integer overflow in the dissect_xtp_ecntl function in epan/dissectors/packet-xtp.c in the XTP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop or application crash) via a large value for a span length. | 3.3 |
| 2012-08-16 | CVE-2012-4289 | Resource Management Errors vulnerability in multiple products epan/dissectors/packet-afp.c in the AFP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop and CPU consumption) via a large number of ACL entries. | 3.3 |
| 2012-08-16 | CVE-2012-4290 | Resource Management Errors vulnerability in multiple products The CTDB dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop and CPU consumption) via a malformed packet. | 3.3 |
| 2012-08-16 | CVE-2012-4291 | Resource Management Errors vulnerability in multiple products The CIP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (memory consumption) via a malformed packet. | 3.3 |
| 2012-08-16 | CVE-2012-4292 | Improper Input Validation vulnerability in multiple products The dissect_stun_message function in epan/dissectors/packet-stun.c in the STUN dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 does not properly interact with key-destruction behavior in a certain tree library, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. | 3.3 |
| 2012-08-16 | CVE-2012-4293 | Numeric Errors vulnerability in multiple products plugins/ethercat/packet-ecatmb.c in the EtherCAT Mailbox dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 does not properly handle certain integer fields, which allows remote attackers to cause a denial of service (application exit) via a malformed packet. | 3.3 |
| 2012-08-16 | CVE-2012-4296 | Resource Management Errors vulnerability in multiple products Buffer overflow in epan/dissectors/packet-rtps2.c in the RTPS2 dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (CPU consumption) via a malformed packet. | 3.3 |
| 2012-07-24 | CVE-2012-4049 | Code Injection vulnerability in multiple products epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.4.x before 1.4.14, 1.6.x before 1.6.9, and 1.8.x before 1.8.1 allows remote attackers to cause a denial of service (loop and CPU consumption) via a crafted packet. | 2.9 |
| 2008-08-08 | CVE-2008-1945 | QEMU 0.9.0 does not properly handle changes to removable media, which allows guest OS users to read arbitrary files on the host OS by using the diskformat: parameter in the -usbdevice option to modify the disk-image header to identify a different format, a related issue to CVE-2008-2004. | 2.1 |