Vulnerabilities > Wireshark

DATE CVE VULNERABILITY TITLE RISK
2016-01-04 CVE-2015-8712 Improper Input Validation vulnerability in Wireshark
The dissect_hsdsch_channel_info function in epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.9 does not validate the number of PDUs, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
local
low complexity
wireshark CWE-20
5.5
2016-01-04 CVE-2015-8711 Improper Input Validation vulnerability in Wireshark
epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate conversation data, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet.
local
low complexity
wireshark CWE-20
5.5
2016-01-04 CVE-2015-3182 Improper Input Validation vulnerability in Wireshark 1.10.12/1.10.13/1.10.14
epan/dissectors/packet-dec-dnart.c in the DECnet NSP/RT dissector in Wireshark 1.10.12 through 1.10.14 mishandles a certain strdup return value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
local
low complexity
wireshark CWE-20
5.5
2006-10-28 CVE-2006-4574 Reachable Assertion vulnerability in Wireshark 0.10.1/0.99.2/0.99.3
Off-by-one error in the MIME Multipart dissector in Wireshark (formerly Ethereal) 0.10.1 through 0.99.3 allows remote attackers to cause a denial of service (crash) via certain vectors that trigger an assertion error related to unexpected length values.
network
low complexity
wireshark CWE-617
7.5