Vulnerabilities > Wireshark > Wireshark > 2.2.0

DATE CVE VULNERABILITY TITLE RISK
2017-03-04 CVE-2017-6467 Infinite Loop vulnerability in multiple products
In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a Netscaler file parser infinite loop, triggered by a malformed capture file.
network
low complexity
wireshark debian CWE-835
7.5
7.5
2017-02-17 CVE-2017-6014 Infinite Loop vulnerability in multiple products
In Wireshark 2.2.4 and earlier, a crafted or malformed STANAG 4607 capture file will cause an infinite loop and memory exhaustion.
network
low complexity
wireshark debian CWE-835
7.8
7.8
2017-01-25 CVE-2017-5597 Integer Overflow or Wraparound vulnerability in Wireshark
In Wireshark 2.2.0 to 2.2.3 and 2.0.0 to 2.0.9, the DHCPv6 dissector could go into a large loop, triggered by packet injection or a malformed capture file.
network
low complexity
wireshark CWE-190
7.5
7.5
2017-01-25 CVE-2017-5596 Infinite Loop vulnerability in Wireshark
In Wireshark 2.2.0 to 2.2.3 and 2.0.0 to 2.0.9, the ASTERIX dissector could go into an infinite loop, triggered by packet injection or a malformed capture file.
network
low complexity
wireshark CWE-835
7.5
7.5
2016-11-17 CVE-2016-9376 Resource Management Errors vulnerability in multiple products
In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the OpenFlow dissector could crash with memory exhaustion, triggered by network traffic or a capture file.
network
high complexity
wireshark debian CWE-399
5.9
5.9
2016-11-17 CVE-2016-9375 Resource Management Errors vulnerability in multiple products
In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the DTN dissector could go into an infinite loop, triggered by network traffic or a capture file.
network
high complexity
wireshark debian CWE-399
5.9
5.9
2016-11-17 CVE-2016-9374 Resource Management Errors vulnerability in multiple products
In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the AllJoyn dissector could crash with a buffer over-read, triggered by network traffic or a capture file.
network
high complexity
wireshark debian CWE-399
5.9
5.9
2016-11-17 CVE-2016-9373 Use After Free vulnerability in multiple products
In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the DCERPC dissector could crash with a use-after-free, triggered by network traffic or a capture file.
network
high complexity
wireshark debian CWE-416
5.9
5.9
2016-11-17 CVE-2016-9372 Resource Management Errors vulnerability in Wireshark 2.2.0/2.2.1
In Wireshark 2.2.0 to 2.2.1, the Profinet I/O dissector could loop excessively, triggered by network traffic or a capture file.
network
high complexity
wireshark CWE-399
5.9
5.9