Vulnerabilities > Wireshark > Wireshark > 1.2.15
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-10-06 | CVE-2020-26575 | Infinite Loop vulnerability in multiple products In Wireshark through 3.2.7, the Facebook Zero Protocol (aka FBZERO) dissector could enter an infinite loop. | 7.5 |
2018-07-20 | CVE-2018-14438 | Improper Input Validation vulnerability in Wireshark In Wireshark through 2.6.2, the create_app_running_mutex function in wsutil/file_util.c calls SetSecurityDescriptorDacl to set a NULL DACL, which allows attackers to modify the access control arbitrarily. | 5.0 |
2018-02-08 | CVE-2018-6836 | Release of Invalid Pointer or Reference vulnerability in Wireshark The netmonrec_comment_destroy function in wiretap/netmon.c in Wireshark through 2.4.4 performs a free operation on an uninitialized memory address, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. | 9.8 |
2017-12-30 | CVE-2017-17997 | NULL Pointer Dereference vulnerability in multiple products In Wireshark before 2.2.12, the MRDISC dissector misuses a NULL pointer and crashes. | 7.5 |
2017-12-27 | CVE-2017-17935 | Out-of-bounds Read vulnerability in multiple products The File_read_line function in epan/wslua/wslua_file.c in Wireshark through 2.2.11 does not properly strip '\n' characters, which allows remote attackers to cause a denial of service (buffer underflow and application crash) via a crafted packet that triggers the attempted processing of an empty line. | 7.5 |
2017-02-17 | CVE-2017-6014 | Infinite Loop vulnerability in multiple products In Wireshark 2.2.4 and earlier, a crafted or malformed STANAG 4607 capture file will cause an infinite loop and memory exhaustion. | 7.8 |
2011-07-07 | CVE-2011-2597 | Resource Management Errors vulnerability in Wireshark The Lucent/Ascend file parser in Wireshark 1.2.x before 1.2.18, 1.4.x through 1.4.7, and 1.6.0 allows remote attackers to cause a denial of service (infinite loop) via malformed packets. | 4.3 |
2011-06-06 | CVE-2011-2175 | Numeric Errors vulnerability in Wireshark Integer underflow in the visual_read function in wiretap/visual.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service (application crash) via a malformed Visual Networks file that triggers a heap-based buffer over-read. | 4.3 |
2011-06-06 | CVE-2011-2174 | Resource Management Errors vulnerability in Wireshark Double free vulnerability in the tvb_uncompress function in epan/tvbuff.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service (application crash) via a packet with malformed data that uses zlib compression. | 4.3 |
2011-06-06 | CVE-2011-1959 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Wireshark The snoop_read function in wiretap/snoop.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 does not properly handle certain virtualizable buffers, which allows remote attackers to cause a denial of service (application crash) via a large length value in a snoop file that triggers a stack-based buffer over-read. | 4.3 |