Vulnerabilities > Wireshark > Wireshark > 1.4.6
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2011-09-20 | CVE-2011-3360 | Unspecified vulnerability in Wireshark Untrusted search path vulnerability in Wireshark 1.4.x before 1.4.9 and 1.6.x before 1.6.2 allows local users to gain privileges via a Trojan horse Lua script in an unspecified directory. | 9.3 |
2011-08-24 | CVE-2011-3266 | Resource Management Errors vulnerability in Wireshark The proto_tree_add_item function in Wireshark 1.6.0 through 1.6.1 and 1.4.0 through 1.4.8, when the IKEv1 protocol dissector is used, allows user-assisted remote attackers to cause a denial of service (infinite loop) via vectors involving a malformed IKE packet and many items in a tree. | 2.6 |
2011-07-07 | CVE-2011-2597 | Resource Management Errors vulnerability in Wireshark The Lucent/Ascend file parser in Wireshark 1.2.x before 1.2.18, 1.4.x through 1.4.7, and 1.6.0 allows remote attackers to cause a denial of service (infinite loop) via malformed packets. | 4.3 |
2011-06-06 | CVE-2011-2175 | Numeric Errors vulnerability in Wireshark Integer underflow in the visual_read function in wiretap/visual.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service (application crash) via a malformed Visual Networks file that triggers a heap-based buffer over-read. | 4.3 |
2011-06-06 | CVE-2011-2174 | Resource Management Errors vulnerability in Wireshark Double free vulnerability in the tvb_uncompress function in epan/tvbuff.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote attackers to cause a denial of service (application crash) via a packet with malformed data that uses zlib compression. | 4.3 |
2011-06-06 | CVE-2011-1959 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Wireshark The snoop_read function in wiretap/snoop.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 does not properly handle certain virtualizable buffers, which allows remote attackers to cause a denial of service (application crash) via a large length value in a snoop file that triggers a stack-based buffer over-read. | 4.3 |