Vulnerabilities > Wireshark > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-03-11 | CVE-2014-2281 | Improper Input Validation vulnerability in Wireshark The nfs_name_snoop_add_name function in epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 does not validate a certain length value, which allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted NFS packet. | 4.3 |
| 2013-12-19 | CVE-2013-7114 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Wireshark Multiple buffer overflows in the create_ntlmssp_v2_key function in epan/dissectors/packet-ntlmssp.c in the NTLMSSP v2 dissector in Wireshark 1.8.x before 1.8.12 and 1.10.x before 1.10.4 allow remote attackers to cause a denial of service (application crash) via a long domain name in a packet. | 5.0 |
| 2013-12-19 | CVE-2013-7113 | Improper Input Validation vulnerability in Wireshark epan/dissectors/packet-bssgp.c in the BSSGP dissector in Wireshark 1.10.x before 1.10.4 incorrectly relies on a global variable, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. | 5.0 |
| 2013-12-19 | CVE-2013-7112 | Improper Input Validation vulnerability in Wireshark The dissect_sip_common function in epan/dissectors/packet-sip.c in the SIP dissector in Wireshark 1.8.x before 1.8.12 and 1.10.x before 1.10.4 does not check for empty lines, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet. | 5.0 |
| 2013-11-04 | CVE-2013-6340 | Improper Input Validation vulnerability in Wireshark epan/dissectors/packet-tcp.c in the TCP dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 does not properly determine the amount of remaining data, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. | 4.3 |
| 2013-11-04 | CVE-2013-6339 | Improper Input Validation vulnerability in Wireshark The dissect_openwire_type function in epan/dissectors/packet-openwire.c in the OpenWire dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 allows remote attackers to cause a denial of service (loop) via a crafted packet. | 4.3 |
| 2013-11-04 | CVE-2013-6338 | Improper Input Validation vulnerability in Wireshark The dissect_sip_common function in epan/dissectors/packet-sip.c in the SIP dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. | 4.3 |
| 2013-11-04 | CVE-2013-6337 | Denial of Service vulnerability in Wireshark NBAP Dissector Unspecified vulnerability in the NBAP dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 allows remote attackers to cause a denial of service (application crash) via a crafted packet. network wireshark | 4.3 |
| 2013-11-04 | CVE-2013-6336 | Improper Input Validation vulnerability in Wireshark The ieee802154_map_rec function in epan/dissectors/packet-ieee802154.c in the IEEE 802.15.4 dissector in Wireshark 1.8.x before 1.8.11 and 1.10.x before 1.10.3 uses an incorrect pointer chain, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. | 4.3 |
| 2013-09-16 | CVE-2013-5722 | Denial of Service vulnerability in Wireshark LDAP Dissector Unspecified vulnerability in the LDAP dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 allows remote attackers to cause a denial of service (application crash) via a crafted packet. network wireshark | 4.3 |