Vulnerabilities > Wireshark

DATE CVE VULNERABILITY TITLE RISK
2017-06-21 CVE-2017-9766 Uncontrolled Recursion vulnerability in multiple products
In Wireshark 2.2.7, PROFINET IO data with a high recursion depth allows remote attackers to cause a denial of service (stack exhaustion) in the dissect_IODWriteReq function in plugins/profinet/packet-dcerpc-pn-io.c.
network
low complexity
wireshark debian CWE-674
7.5
2017-06-14 CVE-2017-9617 Uncontrolled Recursion vulnerability in Wireshark 2.2.7
In Wireshark 2.2.7, deeply nested DAAP data may cause stack exhaustion (uncontrolled recursion) in the dissect_daap_one_tag function in epan/dissectors/packet-daap.c in the DAAP dissector.
local
low complexity
wireshark CWE-674
5.5
2017-06-14 CVE-2017-9616 Uncontrolled Recursion vulnerability in Wireshark 2.2.7
In Wireshark 2.2.7, overly deep mp4 chunks may cause stack exhaustion (uncontrolled recursion) in the dissect_mp4_box function in epan/dissectors/file-mp4.c.
local
low complexity
wireshark CWE-674
5.5
2017-06-02 CVE-2017-9354 Improper Input Validation vulnerability in Wireshark
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the RGMP dissector could crash.
network
low complexity
wireshark CWE-20
7.5
2017-06-02 CVE-2017-9353 Improper Input Validation vulnerability in Wireshark
In Wireshark 2.2.0 to 2.2.6, the IPv6 dissector could crash.
network
low complexity
wireshark CWE-20
7.5
2017-06-02 CVE-2017-9352 Infinite Loop vulnerability in Wireshark
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the Bazaar dissector could go into an infinite loop.
network
low complexity
wireshark CWE-835
7.5
2017-06-02 CVE-2017-9351 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Wireshark
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DHCP dissector could read past the end of a buffer.
network
low complexity
wireshark CWE-119
7.5
2017-06-02 CVE-2017-9350 Allocation of Resources Without Limits or Throttling vulnerability in Wireshark
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the openSAFETY dissector could crash or exhaust system memory.
network
low complexity
wireshark CWE-770
7.5
2017-06-02 CVE-2017-9349 Infinite Loop vulnerability in multiple products
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DICOM dissector has an infinite loop.
network
low complexity
wireshark debian CWE-835
7.5
2017-06-02 CVE-2017-9348 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Wireshark
In Wireshark 2.2.0 to 2.2.6, the DOF dissector could read past the end of a buffer.
network
low complexity
wireshark CWE-119
7.5