Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:a:wireshark:wireshark:1.2.2:*:*:*:*:*:*:*
There are 39 matching records.
Displaying matches 21 through 39.
Vuln ID Summary CVSS Severity
CVE-2011-0444

Buffer overflow in the MAC-LTE dissector (epan/dissectors/packet-mac-lte.c) in Wireshark 1.2.0 through 1.2.13 and 1.4.0 through 1.4.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of RARs.

Published: January 12, 2011; 8:00:02 PM -0500
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2010-4300

Heap-based buffer overflow in the dissect_ldss_transfer function (epan/dissectors/packet-ldss.c) in the LDSS dissector in Wireshark 1.2.0 through 1.2.12 and 1.4.0 through 1.4.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an LDSS packet with a long digest line that triggers memory corruption.

Published: November 26, 2010; 2:00:09 PM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2010-3445

Stack consumption vulnerability in the dissect_ber_unknown function in epan/dissectors/packet-ber.c in the BER dissector in Wireshark 1.4.x before 1.4.1 and 1.2.x before 1.2.12 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a long string in an unknown ASN.1/BER encoded packet, as demonstrated using SNMP.

Published: November 26, 2010; 2:00:07 PM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2010-3133

Untrusted search path vulnerability in Wireshark 0.8.4 through 1.0.15 and 1.2.0 through 1.2.10 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse airpcap.dll, and possibly other DLLs, that is located in the same folder as a file that automatically launches Wireshark.

Published: August 26, 2010; 2:36:36 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2010-2995

The SigComp Universal Decompressor Virtual Machine (UDVM) in Wireshark 0.10.8 through 1.0.14 and 1.2.0 through 1.2.9 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to sigcomp-udvm.c and an off-by-one error, which triggers a buffer overflow, different vulnerabilities than CVE-2010-2287.

Published: August 13, 2010; 2:43:27 PM -0400
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2010-2994

Stack-based buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through 1.0.14 and 1.2.0 through 1.2.9 has unknown impact and remote attack vectors. NOTE: this issue exists because of a CVE-2010-2284 regression.

Published: August 13, 2010; 2:43:27 PM -0400
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2010-2993

The IPMI dissector in Wireshark 1.2.0 through 1.2.9 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors.

Published: August 13, 2010; 2:43:27 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2010-2992

packet-gsm_a_rr.c in the GSM A RR dissector in Wireshark 1.2.2 through 1.2.9 allows remote attackers to cause a denial of service (crash) via unknown vectors that trigger a NULL pointer dereference.

Published: August 13, 2010; 2:43:16 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2010-2287

Buffer overflow in the SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.8 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors.

Published: June 15, 2010; 10:04:26 AM -0400
V3.x:(not available)
V2.0: 8.3 HIGH
CVE-2010-2286

The SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.7 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors.

Published: June 15, 2010; 10:04:26 AM -0400
V3.x:(not available)
V2.0: 3.3 LOW
CVE-2010-2285

The SMB PIPE dissector in Wireshark 0.8.20 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (NULL pointer dereference) via unknown vectors.

Published: June 15, 2010; 10:04:26 AM -0400
V3.x:(not available)
V2.0: 3.3 LOW
CVE-2010-2284

Buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors.

Published: June 15, 2010; 10:04:26 AM -0400
V3.x:(not available)
V2.0: 8.3 HIGH
CVE-2010-2283

The SMB dissector in Wireshark 0.99.6 through 1.0.13, and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (NULL pointer dereference) via unknown vectors.

Published: June 15, 2010; 10:04:26 AM -0400
V3.x:(not available)
V2.0: 3.3 LOW
CVE-2010-1455

The DOCSIS dissector in Wireshark 0.9.6 through 1.0.12 and 1.2.0 through 1.2.7 allows user-assisted remote attackers to cause a denial of service (application crash) via a malformed packet trace file.

Published: May 12, 2010; 7:46:31 AM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2010-0304

Multiple buffer overflows in the LWRES dissector in Wireshark 0.9.15 through 1.0.10 and 1.2.0 through 1.2.5 allow remote attackers to cause a denial of service (crash) via a malformed packet, as demonstrated using a stack-based buffer overflow to the dissect_getaddrsbyname_request function.

Published: February 03, 2010; 1:30:00 PM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2009-4378

The IPMI dissector in Wireshark 1.2.0 through 1.2.4 on Windows allows remote attackers to cause a denial of service (crash) via a crafted packet, related to "formatting a date/time using strftime."

Published: December 21, 2009; 4:30:00 PM -0500
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2009-4377

The (1) SMB and (2) SMB2 dissectors in Wireshark 0.9.0 through 1.2.4 allow remote attackers to cause a denial of service (crash) via a crafted packet that triggers a NULL pointer dereference, as demonstrated by fuzz-2009-12-07-11141.pcap.

Published: December 21, 2009; 4:30:00 PM -0500
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2009-4376

Buffer overflow in the daintree_sna_read function in the Daintree SNA file parser in Wireshark 1.2.0 through 1.2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet.

Published: December 21, 2009; 4:30:00 PM -0500
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2009-3550

The DCERPC/NT dissector in Wireshark 0.10.10 through 1.0.9 and 1.2.0 through 1.2.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a file that records a malformed packet trace. NOTE: some of these details are obtained from third party information.

Published: October 30, 2009; 4:30:00 PM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM