Vulnerabilities (CVE)

Filtered by vendor Wireshark Subscribe
Total 665 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-9374 2 Debian, Wireshark 2 Debian Linux, Wireshark 2024-02-28 4.3 MEDIUM 5.9 MEDIUM
In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the AllJoyn dissector could crash with a buffer over-read, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-alljoyn.c by ensuring that a length variable properly tracked the state of a signature variable.
CVE-2017-7704 1 Wireshark 1 Wireshark 2024-02-28 7.8 HIGH 7.5 HIGH
In Wireshark 2.2.0 to 2.2.5, the DOF dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-dof.c by using a different integer data type and adjusting a return value.
CVE-2016-9376 2 Debian, Wireshark 2 Debian Linux, Wireshark 2024-02-28 4.3 MEDIUM 5.9 MEDIUM
In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the OpenFlow dissector could crash with memory exhaustion, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-openflow_v5.c by ensuring that certain length values were sufficiently large.
CVE-2017-7705 1 Wireshark 1 Wireshark 2024-02-28 7.8 HIGH 7.5 HIGH
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the RPC over RDMA dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-rpcrdma.c by correctly checking for going beyond the maximum offset.
CVE-2017-6014 2 Debian, Wireshark 2 Debian Linux, Wireshark 2024-02-28 7.8 HIGH 7.5 HIGH
In Wireshark 2.2.4 and earlier, a crafted or malformed STANAG 4607 capture file will cause an infinite loop and memory exhaustion. If the packet size field in a packet header is null, the offset to read from will not advance, causing continuous attempts to read the same zero length packet. This will quickly exhaust all system memory.
CVE-2016-9375 2 Debian, Wireshark 2 Debian Linux, Wireshark 2024-02-28 4.3 MEDIUM 5.9 MEDIUM
In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the DTN dissector could go into an infinite loop, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-dtn.c by checking whether SDNV evaluation was successful.
CVE-2017-7702 1 Wireshark 1 Wireshark 2024-02-28 7.8 HIGH 7.5 HIGH
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wbxml.c by adding length validation.
CVE-2017-6470 2 Debian, Wireshark 2 Debian Linux, Wireshark 2024-02-28 7.8 HIGH 7.5 HIGH
In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is an IAX2 infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-iax2.c by constraining packet lateness.
CVE-2017-7745 1 Wireshark 1 Wireshark 2024-02-28 7.8 HIGH 7.5 HIGH
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the SIGCOMP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-sigcomp.c by correcting a memory-size check.
CVE-2016-7957 1 Wireshark 1 Wireshark 2024-02-28 5.0 MEDIUM 7.5 HIGH
In Wireshark 2.2.0, the Bluetooth L2CAP dissector could crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-btl2cap.c by avoiding use of a seven-byte memcmp for potentially shorter strings.
CVE-2017-6472 2 Debian, Wireshark 2 Debian Linux, Wireshark 2024-02-28 5.0 MEDIUM 7.5 HIGH
In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is an RTMPT dissector infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-rtmpt.c by properly incrementing a certain sequence value.
CVE-2017-6474 2 Debian, Wireshark 2 Debian Linux, Wireshark 2024-02-28 5.0 MEDIUM 7.5 HIGH
In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a NetScaler file parser infinite loop, triggered by a malformed capture file. This was addressed in wiretap/netscaler.c by validating record sizes.
CVE-2017-7703 2 Debian, Wireshark 2 Debian Linux, Wireshark 2024-02-28 5.0 MEDIUM 7.5 HIGH
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the IMAP dissector could crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-imap.c by calculating a line's end correctly.
CVE-2017-7700 2 Debian, Wireshark 2 Debian Linux, Wireshark 2024-02-28 7.1 HIGH 6.5 MEDIUM
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the NetScaler file parser could go into an infinite loop, triggered by a malformed capture file. This was addressed in wiretap/netscaler.c by ensuring a nonzero record size.
CVE-2015-7830 2 Oracle, Wireshark 2 Solaris, Wireshark 2024-02-28 4.3 MEDIUM N/A
The pcapng_read_if_descr_block function in wiretap/pcapng.c in the pcapng parser in Wireshark 1.12.x before 1.12.8 uses too many levels of pointer indirection, which allows remote attackers to cause a denial of service (incorrect free and application crash) via a crafted packet that triggers interface-filter copying.
CVE-2016-6513 1 Wireshark 1 Wireshark 2024-02-28 4.3 MEDIUM 5.9 MEDIUM
epan/dissectors/packet-wbxml.c in the WBXML dissector in Wireshark 2.x before 2.0.5 does not restrict the recursion depth, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
CVE-2015-8723 1 Wireshark 1 Wireshark 2024-02-28 4.3 MEDIUM 5.5 MEDIUM
The AirPDcapPacketProcess function in epan/crypt/airpdcap.c in the 802.11 dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationship between the total length and the capture length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet.
CVE-2016-2532 1 Wireshark 1 Wireshark 2024-02-28 4.3 MEDIUM 5.9 MEDIUM
The dissect_llrp_parameters function in epan/dissectors/packet-llrp.c in the LLRP dissector in Wireshark 1.12.x before 1.12.10 and 2.0.x before 2.0.2 does not limit the recursion depth, which allows remote attackers to cause a denial of service (memory consumption or application crash) via a crafted packet.
CVE-2016-5358 2 Oracle, Wireshark 2 Solaris, Wireshark 2024-02-28 4.3 MEDIUM 5.9 MEDIUM
epan/dissectors/packet-pktap.c in the Ethernet dissector in Wireshark 2.x before 2.0.4 mishandles the packet-header data type, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
CVE-2016-7175 1 Wireshark 1 Wireshark 2024-02-28 4.3 MEDIUM 5.9 MEDIUM
epan/dissectors/packet-qnet6.c in the QNX6 QNET dissector in Wireshark 2.x before 2.0.6 mishandles MAC address data, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet.