Max CVSS 7.8 Min CVSS 4.3 Total Count23
IDCVSSSummaryLast (major) updatePublished
CVE-2017-7748 7.8
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the WSP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wsp.c by adding a length check.
18-04-2017 - 17:02 12-04-2017 - 19:59
CVE-2017-7747 5.0
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the PacketBB dissector could crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-packetbb.c by restricting additions to the protocol tree.
18-04-2017 - 17:02 12-04-2017 - 19:59
CVE-2017-7746 5.0
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the SLSK dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-slsk.c by adding checks for the remaining leng
18-04-2017 - 17:01 12-04-2017 - 19:59
CVE-2017-7745 7.8
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the SIGCOMP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-sigcomp.c by correcting a memory-size check
18-04-2017 - 17:00 12-04-2017 - 19:59
CVE-2017-7705 7.8
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the RPC over RDMA dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-rpcrdma.c by correctly checking for g
18-04-2017 - 16:58 12-04-2017 - 19:59
CVE-2017-7704 7.8
In Wireshark 2.2.0 to 2.2.5, the DOF dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-dof.c by using a different integer data type and adjusting a return
18-04-2017 - 16:58 12-04-2017 - 19:59
CVE-2017-7703 5.0
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the IMAP dissector could crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-imap.c by calculating a line's end correctly.
18-04-2017 - 16:57 12-04-2017 - 19:59
CVE-2017-7702 7.8
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wbxml.c by adding length validation.
18-04-2017 - 16:56 12-04-2017 - 19:59
CVE-2017-7701 7.8
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the BGP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-bgp.c by using a different integer data type.
18-04-2017 - 16:56 12-04-2017 - 19:59
CVE-2017-7700 7.1
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the NetScaler file parser could go into an infinite loop, triggered by a malformed capture file. This was addressed in wiretap/netscaler.c by ensuring a nonzero record size.
18-04-2017 - 16:54 12-04-2017 - 19:59
CVE-2017-6014 7.8
In Wireshark 2.2.4 and earlier, a crafted or malformed STANAG 4607 capture file will cause an infinite loop and memory exhaustion. If the packet size field in a packet header is null, the offset to read from will not advance, causing continuous attem
17-02-2017 - 12:22 17-02-2017 - 02:59
CVE-2017-5597 5.0
In Wireshark 2.2.0 to 2.2.3 and 2.0.0 to 2.0.9, the DHCPv6 dissector could go into a large loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-dhcpv6.c by changing a data type to avoid an inte
27-01-2017 - 21:59 25-01-2017 - 16:59
CVE-2017-5596 5.0
In Wireshark 2.2.0 to 2.2.3 and 2.0.0 to 2.0.9, the ASTERIX dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-asterix.c by changing a data type to avoid a
27-01-2017 - 13:00 25-01-2017 - 16:59
CVE-2016-9375 4.3
In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the DTN dissector could go into an infinite loop, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-dtn.c by checking whether SDNV evaluation was successful.
10-01-2017 - 23:13 17-11-2016 - 00:59
CVE-2016-9376 4.3
In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the OpenFlow dissector could crash with memory exhaustion, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-openflow_v5.c by ensuring that certain length valu
10-01-2017 - 23:13 17-11-2016 - 00:59
CVE-2016-9374 4.3
In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the AllJoyn dissector could crash with a buffer over-read, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-alljoyn.c by ensuring that a length variable prope
10-01-2017 - 22:00 17-11-2016 - 00:59
CVE-2016-9373 4.3
In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the DCERPC dissector could crash with a use-after-free, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-dcerpc-nt.c and epan/dissectors/packet-dcerpc-spoolss
10-01-2017 - 21:59 17-11-2016 - 00:59
CVE-2016-7176 4.3
epan/dissectors/packet-h225.c in the H.225 dissector in Wireshark 2.x before 2.0.6 calls snprintf with one of its input buffers as the output buffer, which allows remote attackers to cause a denial of service (copy overlap and application crash) via
30-09-2016 - 11:13 09-09-2016 - 06:59
CVE-2016-7175 4.3
epan/dissectors/packet-qnet6.c in the QNX6 QNET dissector in Wireshark 2.x before 2.0.6 mishandles MAC address data, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.
30-09-2016 - 11:08 09-09-2016 - 06:59
CVE-2016-7177 4.3
epan/dissectors/packet-catapult-dct2000.c in the Catapult DCT2000 dissector in Wireshark 2.x before 2.0.6 does not restrict the number of channels, which allows remote attackers to cause a denial of service (buffer over-read and application crash) vi
29-09-2016 - 10:36 09-09-2016 - 06:59
CVE-2016-7179 4.3
Stack-based buffer overflow in epan/dissectors/packet-catapult-dct2000.c in the Catapult DCT2000 dissector in Wireshark 2.x before 2.0.6 allows remote attackers to cause a denial of service (application crash) via a crafted packet.
29-09-2016 - 10:35 09-09-2016 - 06:59
CVE-2016-7180 4.3
epan/dissectors/packet-ipmi-trace.c in the IPMI trace dissector in Wireshark 2.x before 2.0.6 does not properly consider whether a string is constant, which allows remote attackers to cause a denial of service (use-after-free and application crash) v
29-09-2016 - 10:35 09-09-2016 - 06:59
CVE-2016-7178 4.3
epan/dissectors/packet-umts_fp.c in the UMTS FP dissector in Wireshark 2.x before 2.0.6 does not ensure that memory is allocated for certain data structures, which allows remote attackers to cause a denial of service (invalid write access and applica
29-09-2016 - 10:33 09-09-2016 - 06:59
Back to Top Mark selected
Back to Top