Vulnerabilities > Wireshark > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2011-06-06 | CVE-2011-2175 | Numeric Errors vulnerability in Wireshark Integer underflow in the visual_read function in wiretap/visual.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service (application crash) via a malformed Visual Networks file that triggers a heap-based buffer over-read. | 4.3 |
| 2011-06-06 | CVE-2011-2174 | Resource Management Errors vulnerability in Wireshark Double free vulnerability in the tvb_uncompress function in epan/tvbuff.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service (application crash) via a packet with malformed data that uses zlib compression. | 4.3 |
| 2011-06-06 | CVE-2011-1959 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Wireshark The snoop_read function in wiretap/snoop.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 does not properly handle certain virtualizable buffers, which allows remote attackers to cause a denial of service (application crash) via a large length value in a snoop file that triggers a stack-based buffer over-read. | 4.3 |
| 2011-06-06 | CVE-2011-1956 | Unspecified vulnerability in Wireshark 1.4.5 The bytes_repr_len function in Wireshark 1.4.5 uses an incorrect pointer argument, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via arbitrary TCP traffic. network wireshark | 4.3 |
| 2011-04-29 | CVE-2011-1592 | Numeric Errors vulnerability in Wireshark The NFS dissector in epan/dissectors/packet-nfs.c in Wireshark 1.4.x before 1.4.5 on Windows uses an incorrect integer data type during decoding of SETCLIENTID calls, which allows remote attackers to cause a denial of service (application crash) via a crafted .pcap file. | 4.3 |
| 2011-03-03 | CVE-2011-1143 | Denial Of Service vulnerability in Wireshark NTLMSSP NULL Pointer Dereference epan/dissectors/packet-ntlmssp.c in the NTLMSSP dissector in Wireshark before 1.4.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted .pcap file. network wireshark | 4.3 |
| 2011-03-03 | CVE-2011-1141 | Resource Management Errors vulnerability in Wireshark epan/dissectors/packet-ldap.c in Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (memory consumption) via (1) a long LDAP filter string or (2) an LDAP filter string containing many elements. | 4.3 |
| 2011-03-03 | CVE-2011-1140 | Resource Management Errors vulnerability in Wireshark Multiple stack consumption vulnerabilities in the dissect_ms_compressed_string and dissect_mscldap_string functions in Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3 allow remote attackers to cause a denial of service (infinite recursion) via a crafted (1) SMB or (2) Connection-less LDAP (CLDAP) packet. | 4.3 |
| 2011-03-03 | CVE-2011-1139 | Resource Management Errors vulnerability in Wireshark wiretap/pcapng.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (application crash) via a pcap-ng file that contains a large packet-length field. | 4.3 |
| 2011-03-03 | CVE-2011-1138 | Numeric Errors vulnerability in Wireshark Off-by-one error in the dissect_6lowpan_iphc function in packet-6lowpan.c in Wireshark 1.4.0 through 1.4.3 on 32-bit platforms allows remote attackers to cause a denial of service (application crash) via a malformed 6LoWPAN IPv6 packet. | 4.3 |