CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2013-4075 – wireshark: DoS (crash) in the GMR-1 BCCH dissector (wnpa-sec-2013-33)
https://notcve.org/view.php?id=CVE-2013-4075
09 Jun 2013 — epan/dissectors/packet-gmr1_bcch.c in the GMR-1 BCCH dissector in Wireshark 1.8.x before 1.8.8 does not properly initialize memory, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. epan/dissectors/packet-gmr1_bcch.c en el dissector GMR-1 BCCH en Wireshark v1.8.x anterior a v1.8.8 no inicializa correctamente memoria, lo que permite a atacantes remotos causar una denegación de servicio (caída de la aplicación) mediante un paquetes especialmente diseñado. A f... • http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-gmr1_bcch.c?r1=44674&r2=44673&pathrev=44674 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2013-4079 – Gentoo Linux Security Advisory 201308-05
https://notcve.org/view.php?id=CVE-2013-4079
09 Jun 2013 — The dissect_schedule_message function in epan/dissectors/packet-gsm_cbch.c in the GSM CBCH dissector in Wireshark 1.8.x before 1.8.8 allows remote attackers to cause a denial of service (infinite loop and application hang) via a crafted packet. La función dissect_schedule_message en epan/dissectors/packet-gsm_cbch.c GSM CBCH dissector en Wireshark 1.8.x anterior 1.8.8 permite a atacantes remotos provocar una denegación de servicio (bucle infinito y cuelgue de aplicación) a través de un paquete manipulado. M... • http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-gsm_cbch.c?r1=49686&r2=49685&pathrev=49686 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2013-4082 – Gentoo Linux Security Advisory 201308-05
https://notcve.org/view.php?id=CVE-2013-4082
09 Jun 2013 — The vwr_read function in wiretap/vwr.c in the Ixia IxVeriWave file parser in Wireshark 1.8.x before 1.8.8 does not validate the relationship between a record length and a trailer length, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) via a crafted packet. La función vwr_read en wiretap/vwr.c en el analizador Ixia IxVeriWave en Wireshark 1.8.x anterior a 1.8.8, no valida la relación entre el tamaño de registro el tamaño del "trailer", lo que perm... • http://anonsvn.wireshark.org/viewvc/trunk/wiretap/vwr.c?r1=49739&r2=49738&pathrev=49739 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 1%CPEs: 16EXPL: 0CVE-2013-1872 – Mesa: Memory corruption (OOB read/write) on intel drivers
https://notcve.org/view.php?id=CVE-2013-1872
03 Jun 2013 — The Intel drivers in Mesa 8.0.x and 9.0.x allow context-dependent attackers to cause a denial of service (reachable assertion and crash) and possibly execute arbitrary code via vectors involving 3d graphics that trigger an out-of-bounds array access, related to the fs_visitor::remove_dead_constants function. NOTE: this issue might be related to CVE-2013-0796. Los controladores Intel en Mesa 8.0.x y 9.0.x, permiten a atacantes dependientes del contexto provocar una denegación de servicio (caída y afirmación ... • http://advisories.mageia.org/MGASA-2013-0190.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 8%CPEs: 5EXPL: 3CVE-2013-2765 – ModSecurity - Remote Null Pointer Dereference
https://notcve.org/view.php?id=CVE-2013-2765
29 May 2013 — The ModSecurity module before 2.7.4 for the Apache HTTP Server allows remote attackers to cause a denial of service (NULL pointer dereference, process crash, and disk consumption) via a POST request with a large body and a crafted Content-Type header. El módulo ModSecurity anterior a 2.7.4 para Apache HTTP Server, permite a atacantes remotos provocar una denegación de servicio (deferencia a puntero NULO, caída de proceso y consumo de disco) a través de una petición POST con un cuerpo (body) de gran tamaño y... • https://packetstorm.news/files/id/121815 • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 3%CPEs: 11EXPL: 1CVE-2013-3555 – Gentoo Linux Security Advisory 201308-05
https://notcve.org/view.php?id=CVE-2013-3555
25 May 2013 — epan/dissectors/packet-gtpv2.c in the GTPv2 dissector in Wireshark 1.8.x before 1.8.7 calls incorrect functions in certain contexts related to ciphers, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. epan/dissectors/packet-gtpv2.c en el disector GTPv2 en Wireshark v1.8.x antes de v1.8.7, llama a funciones incorrectas en determinados contextos relacionados con sistemas de cifrado, lo que permite a atacantes remotos provocar una denegación de servicio (ca... • http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-gtpv2.c?r1=48393&r2=48392&pathrev=48393 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 1%CPEs: 26EXPL: 0CVE-2013-3556 – Gentoo Linux Security Advisory 201308-05
https://notcve.org/view.php?id=CVE-2013-3556
25 May 2013 — The fragment_add_seq_common function in epan/reassemble.c in the ASN.1 BER dissector in Wireshark before r48943 has an incorrect pointer dereference during a comparison, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. La función fragment_add_seq_common en epan/reassemble.c en el disector ASN.1 BER en Wireshark antes de r48943 tiene una referencia a un puntero incorrecto durante la comparación, lo que permite a atacantes remotos provocar una denegación d... • http://anonsvn.wireshark.org/viewvc/trunk/epan/reassemble.c?r1=48943&r2=48942&pathrev=48943 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 4%CPEs: 26EXPL: 1CVE-2013-3557 – wireshark: DoS (crash) in the ASN.1 BER dissector (wnpa-sec-2013-25, upstream #8599)
https://notcve.org/view.php?id=CVE-2013-3557
25 May 2013 — The dissect_ber_choice function in epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.6.x before 1.6.15 and 1.8.x before 1.8.7 does not properly initialize a certain variable, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. La función dissect_ber_choice en epan/dissectors/packet-ber.c en el disector ASN.1 BER en Wireshark v1.6.x antes de v1.6.15 y v1.8.x antes de v1.8.7 no inicializa correctamente una determinada variable, lo que per... • http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-ber.c?r1=48944&r2=48943&pathrev=48944 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 3%CPEs: 11EXPL: 0CVE-2013-3558 – Gentoo Linux Security Advisory 201308-05
https://notcve.org/view.php?id=CVE-2013-3558
25 May 2013 — The dissect_ccp_bsdcomp_opt function in epan/dissectors/packet-ppp.c in the PPP CCP dissector in Wireshark 1.8.x before 1.8.7 does not terminate a bit-field list, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. La función dissect_ccp_bsdcomp_opt en epan/dissectors/packet-ppp.c en el disector PPP CCP en Wireshark v1.8.x antes de v1.8.7 no termina la lista del campo de bits, lo que permite a atacantes remotos provocar una denegación de servicio (caída de ... • http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-ppp.c?r1=49214&r2=49213&pathrev=49214 • CWE-189: Numeric Errors •
CVSS: 7.5EPSS: 5%CPEs: 11EXPL: 1CVE-2013-3559 – wireshark: DoS (crash) in the DCP ETSI dissector (wnpa-sec-2013-27, upstream #8231, #8540, #8541)
https://notcve.org/view.php?id=CVE-2013-3559
25 May 2013 — epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.8.x before 1.8.7 uses incorrect integer data types, which allows remote attackers to cause a denial of service (integer overflow, and heap memory corruption or NULL pointer dereference, and application crash) via a malformed packet. epan/dissectors/packet-dcp-etsi.c en el disector DCP ETSI en Wireshar v1.8.x antes de v1.8.7 utiliza tipos de datos enteros incorrectos, lo que permite a atacantes remotos provocar una denegación de servi... • http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-dcp-etsi.c?r1=48644&r2=48643&pathrev=48644 • CWE-189: Numeric Errors •