Vulnerabilities > Wireshark > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2013-09-16 | CVE-2013-5721 | Improper Input Validation vulnerability in Wireshark The dissect_mq_rr function in epan/dissectors/packet-mq.c in the MQ dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 does not properly determine when to enter a certain loop, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. | 4.3 |
| 2013-09-16 | CVE-2013-5720 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Wireshark Buffer overflow in the RTPS dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 allows remote attackers to cause a denial of service (application crash) via a crafted packet. | 5.0 |
| 2013-09-16 | CVE-2013-5719 | Resource Management Errors vulnerability in Wireshark epan/dissectors/packet-assa_r3.c in the ASSA R3 dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet. | 4.3 |
| 2013-09-16 | CVE-2013-5718 | Permissions, Privileges, and Access Controls vulnerability in Wireshark The dissect_nbap_T_dCH_ID function in epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 does not restrict the dch_id value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. | 4.3 |
| 2013-09-16 | CVE-2013-5717 | Improper Input Validation vulnerability in Wireshark 1.10.0/1.10.1 The Bluetooth HCI ACL dissector in Wireshark 1.10.x before 1.10.2 does not properly maintain a certain free list, which allows remote attackers to cause a denial of service (application crash) via a crafted packet that is not properly handled by the wmem_block_alloc function in epan/wmem/wmem_allocator_block.c. | 4.3 |
| 2013-07-30 | CVE-2013-4936 | Unspecified vulnerability in Wireshark 1.10.0 The IsDFP_Frame function in plugins/profinet/packet-pn-rt.c in the PROFINET Real-Time dissector in Wireshark 1.10.x before 1.10.1 does not validate MAC addresses, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet. | 5.0 |
| 2013-07-30 | CVE-2013-4935 | Numeric Errors vulnerability in Wireshark The dissect_per_length_determinant function in epan/dissectors/packet-per.c in the ASN.1 PER dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not initialize a length field in certain abnormal situations, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. | 4.3 |
| 2013-07-30 | CVE-2013-4934 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Wireshark The netmon_open function in wiretap/netmon.c in the Netmon file parser in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not initialize certain structure members, which allows remote attackers to cause a denial of service (application crash) via a crafted packet-trace file. | 4.3 |
| 2013-07-30 | CVE-2013-4933 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Wireshark The netmon_open function in wiretap/netmon.c in the Netmon file parser in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) via a crafted packet-trace file. | 5.0 |
| 2013-07-30 | CVE-2013-4932 | Improper Input Validation vulnerability in Wireshark Multiple array index errors in epan/dissectors/packet-gsm_a_common.c in the GSM A Common dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 allow remote attackers to cause a denial of service (application crash) via a crafted packet. | 5.0 |