Vulnerabilities > Wireshark > Wireshark > 1.2.5
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2011-03-03 | CVE-2011-1143 | Denial Of Service vulnerability in Wireshark NTLMSSP NULL Pointer Dereference epan/dissectors/packet-ntlmssp.c in the NTLMSSP dissector in Wireshark before 1.4.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted .pcap file. network wireshark | 4.3 |
| 2011-03-03 | CVE-2011-1141 | Resource Management Errors vulnerability in Wireshark epan/dissectors/packet-ldap.c in Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (memory consumption) via (1) a long LDAP filter string or (2) an LDAP filter string containing many elements. | 4.3 |
| 2011-03-03 | CVE-2011-1140 | Resource Management Errors vulnerability in Wireshark Multiple stack consumption vulnerabilities in the dissect_ms_compressed_string and dissect_mscldap_string functions in Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3 allow remote attackers to cause a denial of service (infinite recursion) via a crafted (1) SMB or (2) Connection-less LDAP (CLDAP) packet. | 4.3 |
| 2011-03-03 | CVE-2011-1139 | Resource Management Errors vulnerability in Wireshark wiretap/pcapng.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (application crash) via a pcap-ng file that contains a large packet-length field. | 4.3 |
| 2011-02-08 | CVE-2011-0538 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Wireshark Wireshark 1.2.0 through 1.2.14, 1.4.0 through 1.4.3, and 1.5.0 frees an uninitialized pointer during processing of a .pcap file in the pcap-ng format, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a malformed file. | 6.8 |
| 2011-01-13 | CVE-2011-0444 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Wireshark Buffer overflow in the MAC-LTE dissector (epan/dissectors/packet-mac-lte.c) in Wireshark 1.2.0 through 1.2.13 and 1.4.0 through 1.4.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of RARs. | 10.0 |
| 2010-11-26 | CVE-2010-4300 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Wireshark Heap-based buffer overflow in the dissect_ldss_transfer function (epan/dissectors/packet-ldss.c) in the LDSS dissector in Wireshark 1.2.0 through 1.2.12 and 1.4.0 through 1.4.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an LDSS packet with a long digest line that triggers memory corruption. | 7.5 |
| 2010-11-26 | CVE-2010-3445 | Resource Management Errors vulnerability in Wireshark Stack consumption vulnerability in the dissect_ber_unknown function in epan/dissectors/packet-ber.c in the BER dissector in Wireshark 1.4.x before 1.4.1 and 1.2.x before 1.2.12 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a long string in an unknown ASN.1/BER encoded packet, as demonstrated using SNMP. | 5.0 |
| 2010-08-26 | CVE-2010-3133 | Unspecified vulnerability in Wireshark Untrusted search path vulnerability in Wireshark 0.8.4 through 1.0.15 and 1.2.0 through 1.2.10 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse airpcap.dll, and possibly other DLLs, that is located in the same folder as a file that automatically launches Wireshark. | 9.3 |
| 2010-08-13 | CVE-2010-2995 | Numeric Errors vulnerability in Wireshark The SigComp Universal Decompressor Virtual Machine (UDVM) in Wireshark 0.10.8 through 1.0.14 and 1.2.0 through 1.2.9 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to sigcomp-udvm.c and an off-by-one error, which triggers a buffer overflow, different vulnerabilities than CVE-2010-2287. | 10.0 |