Search Results (Refine Search)
- CPE Product Version: cpe:/a:wireshark:wireshark:1.10.9
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2014-8712 |
The build_expert_data function in epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. Published: November 22, 2014; 9:59:03 PM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2014-8711 |
Multiple integer overflows in epan/dissectors/packet-amqp.c in the AMQP dissector in Wireshark 1.10.x before 1.10.11 and 1.12.x before 1.12.2 allow remote attackers to cause a denial of service (application crash) via a crafted amqp_0_10 PDU in a packet. Published: November 22, 2014; 9:59:02 PM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2014-8710 |
The decompress_sigcomp_message function in epan/sigcomp-udvm.c in the SigComp UDVM dissector in Wireshark 1.10.x before 1.10.11 allows remote attackers to cause a denial of service (buffer over-read and application crash) via a crafted packet. Published: November 22, 2014; 9:59:01 PM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2014-6432 |
The SnifferDecompress function in wiretap/ngsniffer.c in the DOS Sniffer file parser in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 does not prevent data overwrites during copy operations, which allows remote attackers to cause a denial of service (application crash) via a crafted file. Published: September 20, 2014; 6:55:06 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2014-6431 |
Buffer overflow in the SnifferDecompress function in wiretap/ngsniffer.c in the DOS Sniffer file parser in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 allows remote attackers to cause a denial of service (application crash) via a crafted file that triggers writes of uncompressed bytes beyond the end of the output buffer. Published: September 20, 2014; 6:55:06 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2014-6430 |
The SnifferDecompress function in wiretap/ngsniffer.c in the DOS Sniffer file parser in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 does not validate bitmask data, which allows remote attackers to cause a denial of service (application crash) via a crafted file. Published: September 20, 2014; 6:55:06 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2014-6429 |
The SnifferDecompress function in wiretap/ngsniffer.c in the DOS Sniffer file parser in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 does not properly handle empty input data, which allows remote attackers to cause a denial of service (application crash) via a crafted file. Published: September 20, 2014; 6:55:06 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2014-6428 |
The dissect_spdu function in epan/dissectors/packet-ses.c in the SES dissector in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 does not initialize a certain ID value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. Published: September 20, 2014; 6:55:06 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2014-6427 |
Off-by-one error in the is_rtsp_request_or_reply function in epan/dissectors/packet-rtsp.c in the RTSP dissector in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 allows remote attackers to cause a denial of service (application crash) via a crafted packet that triggers parsing of a token located one position beyond the current position. Published: September 20, 2014; 6:55:06 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2014-6424 |
The dissect_v9_v10_pdu_data function in epan/dissectors/packet-netflow.c in the Netflow dissector in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 refers to incorrect offset and start variables, which allows remote attackers to cause a denial of service (uninitialized memory read and application crash) via a crafted packet. Published: September 20, 2014; 6:55:06 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2014-6423 |
The tvb_raw_text_add function in epan/dissectors/packet-megaco.c in the MEGACO dissector in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 allows remote attackers to cause a denial of service (infinite loop) via an empty line. Published: September 20, 2014; 6:55:06 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2014-6422 |
The SDP dissector in Wireshark 1.10.x before 1.10.10 creates duplicate hashtables for a media channel, which allows remote attackers to cause a denial of service (application crash) via a crafted packet to the RTP dissector. Published: September 20, 2014; 6:55:06 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2014-6421 |
Use-after-free vulnerability in the SDP dissector in Wireshark 1.10.x before 1.10.10 allows remote attackers to cause a denial of service (application crash) via a crafted packet that leverages split memory ownership between the SDP and RTP dissectors. Published: September 20, 2014; 6:55:06 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |