Vulnerabilities > Wireshark

DATE CVE VULNERABILITY TITLE RISK
2017-03-04 CVE-2017-6471 Improper Input Validation vulnerability in multiple products
In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a WSP infinite loop, triggered by packet injection or a malformed capture file.
network
low complexity
wireshark debian CWE-20
7.5
2017-03-04 CVE-2017-6470 Infinite Loop vulnerability in multiple products
In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is an IAX2 infinite loop, triggered by packet injection or a malformed capture file.
network
low complexity
wireshark debian CWE-835
7.5
2017-03-04 CVE-2017-6469 Improper Input Validation vulnerability in multiple products
In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is an LDSS dissector crash, triggered by packet injection or a malformed capture file.
network
low complexity
wireshark debian CWE-20
7.5
2017-03-04 CVE-2017-6468 Improper Input Validation vulnerability in multiple products
In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a NetScaler file parser crash, triggered by a malformed capture file.
network
low complexity
wireshark debian CWE-20
7.5
2017-03-04 CVE-2017-6467 Infinite Loop vulnerability in multiple products
In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a Netscaler file parser infinite loop, triggered by a malformed capture file.
network
low complexity
wireshark debian CWE-835
7.5
2017-02-17 CVE-2017-6014 Infinite Loop vulnerability in multiple products
In Wireshark 2.2.4 and earlier, a crafted or malformed STANAG 4607 capture file will cause an infinite loop and memory exhaustion.
network
low complexity
wireshark debian CWE-835
7.5
2017-01-25 CVE-2017-5597 Integer Overflow or Wraparound vulnerability in Wireshark
In Wireshark 2.2.0 to 2.2.3 and 2.0.0 to 2.0.9, the DHCPv6 dissector could go into a large loop, triggered by packet injection or a malformed capture file.
network
low complexity
wireshark CWE-190
7.5
2017-01-25 CVE-2017-5596 Infinite Loop vulnerability in Wireshark
In Wireshark 2.2.0 to 2.2.3 and 2.0.0 to 2.0.9, the ASTERIX dissector could go into an infinite loop, triggered by packet injection or a malformed capture file.
network
low complexity
wireshark CWE-835
7.5
2016-11-17 CVE-2016-9376 Resource Management Errors vulnerability in multiple products
In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the OpenFlow dissector could crash with memory exhaustion, triggered by network traffic or a capture file.
network
high complexity
wireshark debian CWE-399
5.9
2016-11-17 CVE-2016-9375 Resource Management Errors vulnerability in multiple products
In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the DTN dissector could go into an infinite loop, triggered by network traffic or a capture file.
network
high complexity
wireshark debian CWE-399
5.9