Vulnerabilities > Wireshark > Wireshark > 0.99.6a
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-02-16 | CVE-2009-0600 | Improper Input Validation vulnerability in Wireshark Wireshark 0.99.6 through 1.0.5 allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted Tektronix K12 text capture file, as demonstrated by a file with exactly one frame. | 4.3 |
| 2008-12-01 | CVE-2008-5285 | Resource Management Errors vulnerability in Wireshark Wireshark 1.0.4 and earlier allows remote attackers to cause a denial of service via a long SMTP request, which triggers an infinite loop. | 5.0 |
| 2008-10-22 | CVE-2008-4685 | Resource Management Errors vulnerability in Wireshark Use-after-free vulnerability in the dissect_q931_cause_ie function in packet-q931.c in the Q.931 dissector in Wireshark 0.10.3 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via certain packets that trigger an exception. | 5.0 |
| 2008-10-22 | CVE-2008-4684 | Resource Management Errors vulnerability in Wireshark packet-frame in Wireshark 0.99.2 through 1.0.3 does not properly handle exceptions thrown by post dissectors, which allows remote attackers to cause a denial of service (application crash) via a certain series of packets, as demonstrated by enabling the (1) PRP or (2) MATE post dissector. | 4.3 |
| 2008-10-22 | CVE-2008-4683 | Resource Management Errors vulnerability in Wireshark The dissect_btacl function in packet-bthci_acl.c in the Bluetooth ACL dissector in Wireshark 0.99.2 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via a packet with an invalid length, related to an erroneous tvb_memcpy call. | 5.0 |
| 2008-10-22 | CVE-2008-4681 | Improper Input Validation vulnerability in Wireshark Unspecified vulnerability in the Bluetooth RFCOMM dissector in Wireshark 0.99.7 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via unknown packets. | 4.3 |
| 2008-09-04 | CVE-2008-3934 | Improper Input Validation vulnerability in Wireshark Unspecified vulnerability in Wireshark (formerly Ethereal) 0.99.6 through 1.0.2 allows attackers to cause a denial of service (crash) via a crafted Tektronix .rf5 file. | 3.3 |
| 2008-09-04 | CVE-2008-3933 | Improper Input Validation vulnerability in Wireshark Wireshark (formerly Ethereal) 0.10.14 through 1.0.2 allows attackers to cause a denial of service (crash) via a packet with crafted zlib-compressed data that triggers an invalid read in the tvb_uncompress function. | 3.3 |
| 2008-09-02 | CVE-2008-3146 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Wireshark Multiple buffer overflows in packet_ncp2222.inc in Wireshark (formerly Ethereal) 0.9.7 through 1.0.2 allow attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted NCP packet that causes an invalid pointer to be used. | 10.0 |
| 2008-07-16 | CVE-2008-3145 | Improper Input Validation vulnerability in Wireshark The fragment_add_work function in epan/reassemble.c in Wireshark 0.8.19 through 1.0.1 allows remote attackers to cause a denial of service (crash) via a series of fragmented packets with non-sequential fragmentation offset values, which lead to a buffer over-read. | 5.0 |