Vulnerabilities > Wireshark > Wireshark > 0.10.9
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2010-08-13 | CVE-2010-2995 | Numeric Errors vulnerability in Wireshark The SigComp Universal Decompressor Virtual Machine (UDVM) in Wireshark 0.10.8 through 1.0.14 and 1.2.0 through 1.2.9 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to sigcomp-udvm.c and an off-by-one error, which triggers a buffer overflow, different vulnerabilities than CVE-2010-2287. | 10.0 |
2010-06-15 | CVE-2010-2287 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Wireshark Buffer overflow in the SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.8 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors. | 8.3 |
2010-06-15 | CVE-2010-2286 | Resource Management Errors vulnerability in Wireshark The SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.7 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors. | 3.3 |
2009-10-30 | CVE-2009-3829 | Numeric Errors vulnerability in Wireshark Integer overflow in wiretap/erf.c in Wireshark before 1.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted erf file, related to an "unsigned integer wrap vulnerability." | 9.3 |
2009-07-21 | CVE-2009-2562 | Multiple vulnerability in Wireshark 1.2.0 Unspecified vulnerability in the AFS dissector in Wireshark 0.9.2 through 1.2.0 allows remote attackers to cause a denial of service (crash) via unknown vectors. | 5.0 |
2009-04-21 | CVE-2009-1266 | Remote Security vulnerability in Wireshark Unspecified vulnerability in Wireshark before 1.0.7 has unknown impact and attack vectors. | 10.0 |
2009-04-01 | CVE-2009-1210 | USE of Externally-Controlled Format String vulnerability in Wireshark Format string vulnerability in the PROFINET/DCP (PN-DCP) dissector in Wireshark 1.0.6 and earlier allows remote attackers to execute arbitrary code via a PN-DCP packet with format string specifiers in the station name. | 10.0 |
2008-12-01 | CVE-2008-5285 | Resource Management Errors vulnerability in Wireshark Wireshark 1.0.4 and earlier allows remote attackers to cause a denial of service via a long SMTP request, which triggers an infinite loop. | 5.0 |
2008-10-22 | CVE-2008-4685 | Resource Management Errors vulnerability in Wireshark Use-after-free vulnerability in the dissect_q931_cause_ie function in packet-q931.c in the Q.931 dissector in Wireshark 0.10.3 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via certain packets that trigger an exception. | 5.0 |
2008-09-04 | CVE-2008-3933 | Improper Input Validation vulnerability in Wireshark Wireshark (formerly Ethereal) 0.10.14 through 1.0.2 allows attackers to cause a denial of service (crash) via a packet with crafted zlib-compressed data that triggers an invalid read in the tvb_uncompress function. | 3.3 |