National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/a:wireshark:wireshark:1.0.0
There are 52 matching records.
Displaying matches 41 through 52.
Vuln ID Summary CVSS Severity
CVE-2008-4681

Unspecified vulnerability in the Bluetooth RFCOMM dissector in Wireshark 0.99.7 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via unknown packets.

Published: October 22, 2008; 02:00:01 PM -04:00
    V2: 4.3 MEDIUM
CVE-2008-4680

packet-usb.c in the USB dissector in Wireshark 0.99.7 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via a malformed USB Request Block (URB).

Published: October 22, 2008; 02:00:01 PM -04:00
    V2: 4.3 MEDIUM
CVE-2008-3932

Wireshark (formerly Ethereal) 0.9.7 through 1.0.2 allows attackers to cause a denial of service (hang) via a crafted NCP packet that triggers an infinite loop.

Published: September 04, 2008; 03:41:00 PM -04:00
    V2: 5.0 MEDIUM
CVE-2008-3933

Wireshark (formerly Ethereal) 0.10.14 through 1.0.2 allows attackers to cause a denial of service (crash) via a packet with crafted zlib-compressed data that triggers an invalid read in the tvb_uncompress function.

Published: September 04, 2008; 03:41:00 PM -04:00
    V2: 3.3 LOW
CVE-2008-3934

Unspecified vulnerability in Wireshark (formerly Ethereal) 0.99.6 through 1.0.2 allows attackers to cause a denial of service (crash) via a crafted Tektronix .rf5 file.

Published: September 04, 2008; 03:41:00 PM -04:00
    V2: 3.3 LOW
CVE-2008-3146

Multiple buffer overflows in packet_ncp2222.inc in Wireshark (formerly Ethereal) 0.9.7 through 1.0.2 allow attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted NCP packet that causes an invalid pointer to be used.

Published: September 02, 2008; 10:24:00 AM -04:00
    V2: 10.0 HIGH
CVE-2008-3145

The fragment_add_work function in epan/reassemble.c in Wireshark 0.8.19 through 1.0.1 allows remote attackers to cause a denial of service (crash) via a series of fragmented packets with non-sequential fragmentation offset values, which lead to a buffer over-read.

Published: July 16, 2008; 02:41:00 PM -04:00
    V2: 5.0 MEDIUM
CVE-2008-3137

The GSM SMS dissector in Wireshark (formerly Ethereal) 0.99.2 through 1.0.0 allows remote attackers to cause a denial of service (application crash) via unknown vectors.

Published: July 10, 2008; 07:41:00 PM -04:00
    V2: 4.3 MEDIUM
CVE-2008-3138

The (1) PANA and (2) KISMET dissectors in Wireshark (formerly Ethereal) 0.99.3 through 1.0.0 allow remote attackers to cause a denial of service (application stop) via unknown vectors.

Published: July 10, 2008; 07:41:00 PM -04:00
    V2: 5.0 MEDIUM
CVE-2008-3139

The RTMPT dissector in Wireshark (formerly Ethereal) 0.99.8 through 1.0.0 allows remote attackers to cause a denial of service (crash) via unknown vectors. NOTE: this might be due to a use-after-free error.

Published: July 10, 2008; 07:41:00 PM -04:00
    V2: 5.0 MEDIUM
CVE-2008-3140

The syslog dissector in Wireshark (formerly Ethereal) 1.0.0 allows remote attackers to cause a denial of service (application crash) via unknown vectors, possibly related to an "incomplete SS7 MSU syslog encapsulated packet."

Published: July 10, 2008; 07:41:00 PM -04:00
    V2: 5.0 MEDIUM
CVE-2008-3141

Unspecified vulnerability in the RMI dissector in Wireshark (formerly Ethereal) 0.9.5 through 1.0.0 allows remote attackers to read system memory via unspecified vectors.

Published: July 10, 2008; 07:41:00 PM -04:00
    V2: 4.9 MEDIUM