Vulnerabilities > Wireshark > Wireshark > 1.8.6
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2013-05-25 | CVE-2013-3559 | Numeric Errors vulnerability in multiple products epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.8.x before 1.8.7 uses incorrect integer data types, which allows remote attackers to cause a denial of service (integer overflow, and heap memory corruption or NULL pointer dereference, and application crash) via a malformed packet. | 5.0 |
2013-05-25 | CVE-2013-3558 | Numeric Errors vulnerability in multiple products The dissect_ccp_bsdcomp_opt function in epan/dissectors/packet-ppp.c in the PPP CCP dissector in Wireshark 1.8.x before 1.8.7 does not terminate a bit-field list, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. | 5.0 |
2013-05-25 | CVE-2013-3557 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products The dissect_ber_choice function in epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.6.x before 1.6.15 and 1.8.x before 1.8.7 does not properly initialize a certain variable, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. | 5.0 |
2013-05-25 | CVE-2013-3556 | Improper Input Validation vulnerability in multiple products The fragment_add_seq_common function in epan/reassemble.c in the ASN.1 BER dissector in Wireshark before r48943 has an incorrect pointer dereference during a comparison, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. | 5.0 |
2013-05-25 | CVE-2013-3555 | Improper Input Validation vulnerability in multiple products epan/dissectors/packet-gtpv2.c in the GTPv2 dissector in Wireshark 1.8.x before 1.8.7 calls incorrect functions in certain contexts related to ciphers, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. | 5.0 |