Vulnerabilities > Wireshark > Wireshark > 1.6.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2013-05-25 | CVE-2013-3556 | Improper Input Validation vulnerability in multiple products The fragment_add_seq_common function in epan/reassemble.c in the ASN.1 BER dissector in Wireshark before r48943 has an incorrect pointer dereference during a comparison, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. | 5.0 |
2013-03-07 | CVE-2013-2488 | Improper Input Validation vulnerability in multiple products The DTLS dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 does not validate the fragment offset before invoking the reassembly state machine, which allows remote attackers to cause a denial of service (application crash) via a large offset value that triggers write access to an invalid memory location. | 5.0 |
2013-03-07 | CVE-2013-2485 | Denial of Service vulnerability in Wireshark FCSP Dissector The FCSP dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. | 6.1 |
2013-03-07 | CVE-2013-2484 | Denial of Service vulnerability in Wireshark CIMD Dissector The CIMD dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (application crash) via a malformed packet. | 3.3 |
2013-03-07 | CVE-2013-2483 | Numeric Errors vulnerability in multiple products The acn_add_dmp_data function in epan/dissectors/packet-acn.c in the ACN dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via an invalid count value in ACN_DMP_ADT_D_RE DMP data. | 3.3 |
2013-03-07 | CVE-2013-2482 | Denial of Service vulnerability in Wireshark AMPQ Dissector The AMPQ dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. | 6.1 |
2013-03-07 | CVE-2013-2481 | Numeric Errors vulnerability in multiple products Integer signedness error in the dissect_mount_dirpath_call function in epan/dissectors/packet-mount.c in the Mount dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6, when nfs_file_name_snooping is enabled, allows remote attackers to cause a denial of service (application crash) via a negative length value. | 2.9 |
2013-03-07 | CVE-2013-2480 | Denial of Service vulnerability in Wireshark RTPS And RTPS2 Dissectors The RTPS and RTPS2 dissectors in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allow remote attackers to cause a denial of service (application crash) via a malformed packet. | 3.3 |
2013-03-07 | CVE-2013-2478 | Numeric Errors vulnerability in multiple products The dissect_server_info function in epan/dissectors/packet-ms-mms.c in the MS-MMS dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 does not properly manage string lengths, which allows remote attackers to cause a denial of service (application crash) via a malformed packet that (1) triggers an integer overflow or (2) has embedded '\0' characters in a string. | 3.3 |
2013-02-03 | CVE-2013-1590 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Wireshark Buffer overflow in the NTLMSSP dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 allows remote attackers to cause a denial of service (application crash) via a malformed packet. | 2.9 |