Vulnerabilities > Wireshark > Wireshark > 1.6.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2013-02-03 | CVE-2013-1589 | Resource Management Errors vulnerability in Wireshark Double free vulnerability in epan/proto.c in the dissection engine in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 allows remote attackers to cause a denial of service (application crash) via a malformed packet. | 2.9 |
2013-02-03 | CVE-2013-1588 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Wireshark Multiple buffer overflows in the dissect_pft_fec_detailed function in the DCP-ETSI dissector in epan/dissectors/packet-dcp-etsi.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 allow remote attackers to cause a denial of service (application crash) via a malformed packet. | 2.9 |
2013-02-03 | CVE-2013-1587 | Unspecified vulnerability in Wireshark The dissect_rohc_ir_packet function in epan/dissectors/packet-rohc.c in the ROHC dissector in Wireshark 1.8.x before 1.8.5 does not properly handle unknown profiles, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. | 2.9 |
2013-02-03 | CVE-2013-1586 | Unspecified vulnerability in Wireshark The fragment_set_tot_len function in epan/reassemble.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly determine the length of a reassembled packet for the DTLS dissector, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. | 2.9 |
2013-02-03 | CVE-2013-1585 | Improper Input Validation vulnerability in Wireshark epan/tvbuff.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly validate certain length values for the MS-MMC dissector, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. | 2.9 |
2013-02-03 | CVE-2013-1584 | Improper Input Validation vulnerability in Wireshark The dissect_version_5_and_6_primary_header function in epan/dissectors/packet-dtn.c in the DTN dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 accesses an inappropriate pointer, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. | 2.9 |
2013-02-03 | CVE-2013-1583 | Improper Input Validation vulnerability in Wireshark The dissect_version_4_primary_header function in epan/dissectors/packet-dtn.c in the DTN dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 accesses an inappropriate pointer, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. | 2.9 |
2013-02-03 | CVE-2013-1582 | Numeric Errors vulnerability in Wireshark The dissect_clnp function in epan/dissectors/packet-clnp.c in the CLNP dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly manage an offset variable, which allows remote attackers to cause a denial of service (infinite loop or application crash) via a malformed packet. | 2.9 |
2013-02-03 | CVE-2013-1581 | Improper Input Validation vulnerability in Wireshark The dissect_pft_fec_detailed function in epan/dissectors/packet-dcp-etsi.c in the DCP-ETSI dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle fragment gaps, which allows remote attackers to cause a denial of service (loop) via a malformed packet. | 2.9 |
2013-02-03 | CVE-2013-1580 | Improper Input Validation vulnerability in Wireshark The dissect_cmstatus_tlv function in plugins/docsis/packet-cmstatus.c in the DOCSIS CM-STATUS dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 uses an incorrect data type for a position variable, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. | 2.9 |