Vulnerabilities > Wireshark > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2012-04-11 | CVE-2012-0066 | Improper Input Validation vulnerability in multiple products Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows remote attackers to cause a denial of service (application crash) via a long packet in a (1) Accellent 5Views (aka .5vw) file, (2) I4B trace file, or (3) NETMON 2 capture file. | 4.3 |
| 2012-04-11 | CVE-2012-0043 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Wireshark Buffer overflow in the reassemble_message function in epan/dissectors/packet-rlc.c in the RLC dissector in Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a series of fragmented RLC packets. | 5.8 |
| 2012-04-11 | CVE-2012-0041 | Improper Input Validation vulnerability in multiple products The dissect_packet function in epan/packet.c in Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 allows remote attackers to cause a denial of service (application crash) via a long packet in a capture file, as demonstrated by an airopeek file. | 4.3 |
| 2011-11-03 | CVE-2011-4102 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Wireshark Heap-based buffer overflow in the erf_read_header function in wiretap/erf.c in the ERF file parser in Wireshark 1.4.0 through 1.4.9 and 1.6.x before 1.6.3 allows remote attackers to cause a denial of service (application crash) via a malformed file. | 4.3 |
| 2011-11-03 | CVE-2011-4101 | Denial of Service vulnerability in Wireshark Infiniband Dissector The dissect_infiniband_common function in epan/dissectors/packet-infiniband.c in the Infiniband dissector in Wireshark 1.4.0 through 1.4.9 and 1.6.x before 1.6.3 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed packet. network wireshark | 4.3 |
| 2011-11-03 | CVE-2011-4100 | Resource Management Errors vulnerability in Wireshark 1.6.0/1.6.1/1.6.2 The csnStreamDissector function in epan/dissectors/packet-csn1.c in the CSN.1 dissector in Wireshark 1.6.x before 1.6.3 does not initialize a certain variable, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. | 4.3 |
| 2011-09-20 | CVE-2011-3484 | Improper Input Validation vulnerability in Wireshark 1.6.0/1.6.1 The unxorFrame function in epan/dissectors/packet-opensafety.c in the OpenSafety dissector in Wireshark 1.6.x before 1.6.2 does not properly validate a certain frame size, which allows remote attackers to cause a denial of service (loop and application crash) via a malformed packet. | 4.3 |
| 2011-09-20 | CVE-2011-3483 | Buffer Errors vulnerability in Wireshark 1.6.0/1.6.1 Wireshark 1.6.x before 1.6.2 allows remote attackers to cause a denial of service (application crash) via a malformed capture file that leads to an invalid root tvbuff, related to a "buffer exception handling vulnerability." | 4.3 |
| 2011-09-20 | CVE-2011-3482 | Resource Management Errors vulnerability in Wireshark 1.6.0/1.6.1 The csnStreamDissector function in epan/dissectors/packet-csn1.c in the CSN.1 dissector in Wireshark 1.6.x before 1.6.2 does not initialize a certain structure member, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. | 4.3 |
| 2011-07-07 | CVE-2011-2597 | Resource Management Errors vulnerability in Wireshark The Lucent/Ascend file parser in Wireshark 1.2.x before 1.2.18, 1.4.x through 1.4.7, and 1.6.0 allows remote attackers to cause a denial of service (infinite loop) via malformed packets. | 4.3 |