Vulnerabilities > Wireshark > Medium

DATE CVE VULNERABILITY TITLE RISK
2016-01-04 CVE-2015-8713 Improper Input Validation vulnerability in Wireshark
epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.9 does not properly reserve memory for channel ID mappings, which allows remote attackers to cause a denial of service (out-of-bounds memory access and application crash) via a crafted packet.
local
low complexity
wireshark CWE-20
5.5
2016-01-04 CVE-2015-8712 Improper Input Validation vulnerability in Wireshark
The dissect_hsdsch_channel_info function in epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 1.12.x before 1.12.9 does not validate the number of PDUs, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
local
low complexity
wireshark CWE-20
5.5
2016-01-04 CVE-2015-8711 Improper Input Validation vulnerability in Wireshark
epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate conversation data, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet.
local
low complexity
wireshark CWE-20
5.5
2016-01-04 CVE-2015-3182 Improper Input Validation vulnerability in Wireshark 1.10.12/1.10.13/1.10.14
epan/dissectors/packet-dec-dnart.c in the DECnet NSP/RT dissector in Wireshark 1.10.12 through 1.10.14 mishandles a certain strdup return value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
local
low complexity
wireshark CWE-20
5.5