Search Results (Refine Search)

Search Parameters:
  • CPE Product Version: cpe:/a:wireshark:wireshark:1.6.2
There are 73 matching records.
Displaying matches 41 through 60.
Vuln ID Summary CVSS Severity
CVE-2012-6060

Integer overflow in the dissect_iscsi_pdu function in epan/dissectors/packet-iscsi.c in the iSCSI dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.

Published: December 05, 2012; 6:57:20 AM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2012-6059

The dissect_isakmp function in epan/dissectors/packet-isakmp.c in the ISAKMP dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 uses an incorrect data structure to determine IKEv2 decryption parameters, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.

Published: December 05, 2012; 6:57:20 AM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2012-6058

Integer overflow in the dissect_icmpv6 function in epan/dissectors/packet-icmpv6.c in the ICMPv6 dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted Number of Sources value.

Published: December 05, 2012; 6:57:20 AM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2012-6053

epan/dissectors/packet-usb.c in the USB dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 relies on a length field to calculate an offset value, which allows remote attackers to cause a denial of service (infinite loop) via a zero value for this field.

Published: December 05, 2012; 6:57:19 AM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2012-3548

The dissect_drda function in epan/dissectors/packet-drda.c in Wireshark 1.6.x through 1.6.10 and 1.8.x through 1.8.2 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a small value for a certain length field in a capture file.

Published: August 30, 2012; 6:55:05 PM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2012-4297

Buffer overflow in the dissect_gsm_rlcmac_downlink function in epan/dissectors/packet-gsm_rlcmac.c in the GSM RLC MAC dissector in Wireshark 1.6.x before 1.6.10 and 1.8.x before 1.8.2 allows remote attackers to execute arbitrary code via a malformed packet.

Published: August 16, 2012; 6:38:09 AM -0400
V3.x:(not available)
V2.0: 8.3 HIGH
CVE-2012-4296

Buffer overflow in epan/dissectors/packet-rtps2.c in the RTPS2 dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (CPU consumption) via a malformed packet.

Published: August 16, 2012; 6:38:09 AM -0400
V3.x:(not available)
V2.0: 3.3 LOW
CVE-2012-4293

plugins/ethercat/packet-ecatmb.c in the EtherCAT Mailbox dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 does not properly handle certain integer fields, which allows remote attackers to cause a denial of service (application exit) via a malformed packet.

Published: August 16, 2012; 6:38:08 AM -0400
V3.x:(not available)
V2.0: 3.3 LOW
CVE-2012-4292

The dissect_stun_message function in epan/dissectors/packet-stun.c in the STUN dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 does not properly interact with key-destruction behavior in a certain tree library, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.

Published: August 16, 2012; 6:38:08 AM -0400
V3.x:(not available)
V2.0: 3.3 LOW
CVE-2012-4291

The CIP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (memory consumption) via a malformed packet.

Published: August 16, 2012; 6:38:08 AM -0400
V3.x:(not available)
V2.0: 3.3 LOW
CVE-2012-4290

The CTDB dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop and CPU consumption) via a malformed packet.

Published: August 16, 2012; 6:38:08 AM -0400
V3.x:(not available)
V2.0: 3.3 LOW
CVE-2012-4289

epan/dissectors/packet-afp.c in the AFP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop and CPU consumption) via a large number of ACL entries.

Published: August 16, 2012; 6:38:08 AM -0400
V3.x:(not available)
V2.0: 3.3 LOW
CVE-2012-4288

Integer overflow in the dissect_xtp_ecntl function in epan/dissectors/packet-xtp.c in the XTP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop or application crash) via a large value for a span length.

Published: August 16, 2012; 6:38:08 AM -0400
V3.x:(not available)
V2.0: 3.3 LOW
CVE-2012-4285

The dissect_pft function in epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a zero-length message.

Published: August 16, 2012; 6:38:08 AM -0400
V3.x:(not available)
V2.0: 3.3 LOW
CVE-2012-4049

epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.4.x before 1.4.14, 1.6.x before 1.6.9, and 1.8.x before 1.8.1 allows remote attackers to cause a denial of service (loop and CPU consumption) via a crafted packet.

Published: July 24, 2012; 3:55:03 PM -0400
V3.x:(not available)
V2.0: 2.9 LOW
CVE-2012-4048

The PPP dissector in Wireshark 1.4.x before 1.4.14, 1.6.x before 1.6.9, and 1.8.x before 1.8.1 allows remote attackers to cause a denial of service (invalid pointer dereference and application crash) via a crafted packet, as demonstrated by a usbmon dump.

Published: July 24, 2012; 3:55:00 PM -0400
V3.x:(not available)
V2.0: 3.3 LOW
CVE-2012-3826

Multiple integer underflows in Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 allow remote attackers to cause a denial of service (loop) via vectors related to the R3 dissector, a different vulnerability than CVE-2012-2392.

Published: June 30, 2012; 6:15:05 AM -0400
V3.x:(not available)
V2.0: 3.3 LOW
CVE-2012-3825

Multiple integer overflows in Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 allow remote attackers to cause a denial of service (infinite loop) via vectors related to the (1) BACapp and (2) Bluetooth HCI dissectors, a different vulnerability than CVE-2012-2392.

Published: June 30, 2012; 6:15:05 AM -0400
V3.x:(not available)
V2.0: 3.3 LOW
CVE-2012-2394

Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 on the SPARC and Itanium platforms does not properly perform data alignment for a certain structure member, which allows remote attackers to cause a denial of service (application crash) via a (1) ICMP or (2) ICMPv6 Echo Request packet.

Published: June 30, 2012; 6:15:05 AM -0400
V3.x:(not available)
V2.0: 3.3 LOW
CVE-2012-2393

epan/dissectors/packet-diameter.c in the DIAMETER dissector in Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 does not properly construct certain array data structures, which allows remote attackers to cause a denial of service (application crash) via a crafted packet that triggers incorrect memory allocation.

Published: June 30, 2012; 6:15:05 AM -0400
V3.x:(not available)
V2.0: 3.3 LOW