Search Results (Refine Search)
- CPE Product Version: cpe:/a:wireshark:wireshark:2.2.4
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2018-7418 |
In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the SIGCOMP dissector could crash. This was addressed in epan/dissectors/packet-sigcomp.c by correcting the extraction of the length value. Published: February 23, 2018; 5:29:01 PM -0500 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2018-7417 |
In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the IPMI dissector could crash. This was addressed in epan/dissectors/packet-ipmi-picmg.c by adding support for crafted packets that lack an IPMI header. Published: February 23, 2018; 5:29:01 PM -0500 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2018-7336 |
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the FCP protocol dissector could crash. This was addressed in epan/dissectors/packet-fcp.c by checking for a NULL pointer. Published: February 23, 2018; 5:29:01 PM -0500 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2018-7335 |
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the IEEE 802.11 dissector could crash. This was addressed in epan/crypt/airpdcap.c by rejecting lengths that are too small. Published: February 23, 2018; 5:29:01 PM -0500 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2018-7334 |
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the UMTS MAC dissector could crash. This was addressed in epan/dissectors/packet-umts_mac.c by rejecting a certain reserved value. Published: February 23, 2018; 5:29:01 PM -0500 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2018-7333 |
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-rpcrdma.c had an infinite loop that was addressed by validating a chunk size. Published: February 23, 2018; 5:29:01 PM -0500 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2018-7332 |
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-reload.c had an infinite loop that was addressed by validating a length. Published: February 23, 2018; 5:29:01 PM -0500 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2018-7331 |
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-ber.c had an infinite loop that was addressed by validating a length. Published: February 23, 2018; 5:29:01 PM -0500 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2018-7330 |
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-thread.c had an infinite loop that was addressed by using a correct integer data type. Published: February 23, 2018; 5:29:01 PM -0500 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2018-7329 |
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-s7comm.c had an infinite loop that was addressed by correcting off-by-one errors. Published: February 23, 2018; 5:29:00 PM -0500 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2018-7328 |
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-usb.c had an infinite loop that was addressed by rejecting short frame header lengths. Published: February 23, 2018; 5:29:00 PM -0500 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2018-7327 |
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-openflow_v6.c had an infinite loop that was addressed by validating property lengths. Published: February 23, 2018; 5:29:00 PM -0500 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2018-7326 |
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-lltd.c had an infinite loop that was addressed by using a correct integer data type. Published: February 23, 2018; 5:29:00 PM -0500 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2018-7325 |
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-rpki-rtr.c had an infinite loop that was addressed by validating a length field. Published: February 23, 2018; 5:29:00 PM -0500 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2018-7324 |
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-sccp.c had an infinite loop that was addressed by using a correct integer data type. Published: February 23, 2018; 5:29:00 PM -0500 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2018-7323 |
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-wccp.c had a large loop that was addressed by ensuring that a calculated length was monotonically increasing. Published: February 23, 2018; 5:29:00 PM -0500 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2018-7322 |
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-dcm.c had an infinite loop that was addressed by checking for integer wraparound. Published: February 23, 2018; 5:29:00 PM -0500 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2018-7321 |
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-thrift.c had a large loop that was addressed by not proceeding with dissection after encountering an unexpected type. Published: February 23, 2018; 5:29:00 PM -0500 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2018-7320 |
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the SIGCOMP protocol dissector could crash. This was addressed in epan/dissectors/packet-sigcomp.c by validating operand offsets. Published: February 23, 2018; 5:29:00 PM -0500 |
V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2018-6836 |
The netmonrec_comment_destroy function in wiretap/netmon.c in Wireshark through 2.4.4 performs a free operation on an uninitialized memory address, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. Published: February 08, 2018; 2:29:01 AM -0500 |
V3.0: 9.8 CRITICAL V2.0: 7.5 HIGH |