Vulnerabilities > Wireshark > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2016-01-04 | CVE-2015-8713 | Improper Input Validation vulnerability in Wireshark epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.9 does not properly reserve memory for channel ID mappings, which allows remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted packet. | 5.5 |
2016-01-04 | CVE-2015-8712 | Improper Input Validation vulnerability in Wireshark The dissect_hsdsch_channel_info function in epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.9 does not validate the number of PDUs, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. | 5.5 |
2016-01-04 | CVE-2015-8711 | Improper Input Validation vulnerability in Wireshark epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate conversation data, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet. | 5.5 |
2016-01-04 | CVE-2015-3182 | Improper Input Validation vulnerability in Wireshark 1.10.12/1.10.13/1.10.14 epan/dissectors/packet-dec-dnart.c in the DECnet NSP/RT dissector in Wireshark 1.10.12 through 1.10.14 mishandles a certain strdup return value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. | 5.5 |