CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2015-8739 – Wireshark - wmem_alloc Assertion Failure
https://notcve.org/view.php?id=CVE-2015-8739
04 Jan 2016 — The ipmi_fmt_udpport function in epan/dissectors/packet-ipmi.c in the IPMI dissector in Wireshark 2.0.x before 2.0.1 improperly attempts to access a packet scope, which allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted packet. La función ipmi_fmt_udpport en epan/dissectors/packet-ipmi.c en el disector IPMI en Wireshark 2.0.x en versiones anteriores a 2.0.1 intenta acceder a un ámbito de paquete de manera inadecuada, lo que permite a atacantes remotos... • https://www.exploit-db.com/exploits/38994 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 1%CPEs: 10EXPL: 1CVE-2015-8729 – Wireshark - ascend_seek Static Out-of-Bounds Read
https://notcve.org/view.php?id=CVE-2015-8729
04 Jan 2016 — The ascend_seek function in wiretap/ascendtext.c in the Ascend file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not ensure the presence of a '\0' character at the end of a date string, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted file. La función ascend_seek en wiretap/ascendtext.c en el analizador de archivo Ascend en Wireshark 1.12.x en versiones anteriores a 1.12.9 y 2.0.x en versiones anteriores a 2.0.1 no as... • https://www.exploit-db.com/exploits/39001 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 1CVE-2015-8732 – Wireshark - dissect_zcl_pwr_prof_pwrprofstatersp Static Out-of-Bounds Read
https://notcve.org/view.php?id=CVE-2015-8732
04 Jan 2016 — The dissect_zcl_pwr_prof_pwrprofstatersp function in epan/dissectors/packet-zbee-zcl-general.c in the ZigBee ZCL dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the Total Profile Number field, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet. La función dissect_zcl_pwr_prof_pwrprofstatersp en epan/dissectors/packet-zbee-zcl-general.c en el disector ZigBee ZCL en Wireshark 1.12.x en versiones anteri... • https://www.exploit-db.com/exploits/38995 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 1CVE-2015-8730 – Wireshark - dissect_nbap_MACdPDU_Size SIGSEGV
https://notcve.org/view.php?id=CVE-2015-8730
04 Jan 2016 — epan/dissectors/packet-nbap.c in the NBAP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the number of items, which allows remote attackers to cause a denial of service (invalid read operation and application crash) via a crafted packet. epan/dissectors/packet-nbap.c en el disector NBAP en Wireshark 1.12.x en versiones anteriores a 1.12.9 y 2.0.x en versiones anteriores a 2.0.1 no valida el número de elementos, lo que permite a atacantes remotos causar una denegación de... • https://www.exploit-db.com/exploits/38999 • CWE-20: Improper Input Validation •
CVSS: 5.3EPSS: 1%CPEs: 1EXPL: 1CVE-2015-8740 – Wireshark - dissect_diameter_base_framed_ipv6_prefix Stack Buffer Overflow
https://notcve.org/view.php?id=CVE-2015-8740
04 Jan 2016 — The dissect_tds7_colmetadata_token function in epan/dissectors/packet-tds.c in the TDS dissector in Wireshark 2.0.x before 2.0.1 does not validate the number of columns, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet. La función dissect_tds7_colmetadata_token en epan/dissectors/packet-tds.c en el disector TDS en Wireshark 2.0.x en versiones anteriores a 2.0.1 no valida el número de columnas, lo que permite a atacantes remot... • https://www.exploit-db.com/exploits/39003 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 1%CPEs: 10EXPL: 1CVE-2015-8727 – Wireshark - addresses_equal 'dissect_rsvp_common' Use-After-Free
https://notcve.org/view.php?id=CVE-2015-8727
04 Jan 2016 — The dissect_rsvp_common function in epan/dissectors/packet-rsvp.c in the RSVP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not properly maintain request-key data, which allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted packet. La función dissect_rsvp_common en epan/dissectors/packet-rsvp.c en el disector RSVP en Wireshark 1.12.x en versiones anteriores a 1.12.9 y 2.0.x en versiones anteriores a 2.0.1 no mantiene adecuadmante ... • https://www.exploit-db.com/exploits/39002 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2015-8736 – Wireshark - file_read 'wtap_read_bytes_or_eof/mp2t_find_next_pcr' Stack Buffer Overflow
https://notcve.org/view.php?id=CVE-2015-8736
04 Jan 2016 — The mp2t_find_next_pcr function in wiretap/mp2t.c in the MP2T file parser in Wireshark 2.0.x before 2.0.1 does not reserve memory for a trailer, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted file. La función mp2t_find_next_pcr en wiretap/mp2t.c en el analizador de archivo MP2T en Wireshark 2.0.x en versiones anteriores a 2.0.1 no reserva memoria para un trailer, lo que permite a atacantes remotos causar una denegación de servicio... • https://www.exploit-db.com/exploits/38997 • CWE-20: Improper Input Validation •