CVSS: 7.5EPSS: 0%CPEs: 26EXPL: 0CVE-2013-3556 – Gentoo Linux Security Advisory 201308-05
https://notcve.org/view.php?id=CVE-2013-3556
25 May 2013 — The fragment_add_seq_common function in epan/reassemble.c in the ASN.1 BER dissector in Wireshark before r48943 has an incorrect pointer dereference during a comparison, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. La función fragment_add_seq_common en epan/reassemble.c en el disector ASN.1 BER en Wireshark antes de r48943 tiene una referencia a un puntero incorrecto durante la comparación, lo que permite a atacantes remotos provocar una denegación d... • http://anonsvn.wireshark.org/viewvc/trunk/epan/reassemble.c?r1=48943&r2=48942&pathrev=48943 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 26EXPL: 1CVE-2013-3557 – wireshark: DoS (crash) in the ASN.1 BER dissector (wnpa-sec-2013-25, upstream #8599)
https://notcve.org/view.php?id=CVE-2013-3557
25 May 2013 — The dissect_ber_choice function in epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.6.x before 1.6.15 and 1.8.x before 1.8.7 does not properly initialize a certain variable, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. La función dissect_ber_choice en epan/dissectors/packet-ber.c en el disector ASN.1 BER en Wireshark v1.6.x antes de v1.6.15 y v1.8.x antes de v1.8.7 no inicializa correctamente una determinada variable, lo que per... • http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-ber.c?r1=48944&r2=48943&pathrev=48944 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 11EXPL: 0CVE-2013-3558 – Gentoo Linux Security Advisory 201308-05
https://notcve.org/view.php?id=CVE-2013-3558
25 May 2013 — The dissect_ccp_bsdcomp_opt function in epan/dissectors/packet-ppp.c in the PPP CCP dissector in Wireshark 1.8.x before 1.8.7 does not terminate a bit-field list, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. La función dissect_ccp_bsdcomp_opt en epan/dissectors/packet-ppp.c en el disector PPP CCP en Wireshark v1.8.x antes de v1.8.7 no termina la lista del campo de bits, lo que permite a atacantes remotos provocar una denegación de servicio (caída de ... • http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-ppp.c?r1=49214&r2=49213&pathrev=49214 • CWE-189: Numeric Errors •
CVSS: 7.5EPSS: 1%CPEs: 11EXPL: 1CVE-2013-3559 – wireshark: DoS (crash) in the DCP ETSI dissector (wnpa-sec-2013-27, upstream #8231, #8540, #8541)
https://notcve.org/view.php?id=CVE-2013-3559
25 May 2013 — epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.8.x before 1.8.7 uses incorrect integer data types, which allows remote attackers to cause a denial of service (integer overflow, and heap memory corruption or NULL pointer dereference, and application crash) via a malformed packet. epan/dissectors/packet-dcp-etsi.c en el disector DCP ETSI en Wireshar v1.8.x antes de v1.8.7 utiliza tipos de datos enteros incorrectos, lo que permite a atacantes remotos provocar una denegación de servi... • http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-dcp-etsi.c?r1=48644&r2=48643&pathrev=48644 • CWE-189: Numeric Errors •
CVSS: 7.5EPSS: 4%CPEs: 11EXPL: 1CVE-2013-3560 – Debian Security Advisory 2700-1
https://notcve.org/view.php?id=CVE-2013-3560
25 May 2013 — The dissect_dsmcc_un_download function in epan/dissectors/packet-mpeg-dsmcc.c in the MPEG DSM-CC dissector in Wireshark 1.8.x before 1.8.7 uses an incorrect format string, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. La función dissect_dsmcc_un_download en epan/dissectors/packet-mpeg-dsmcc.c en el disector MPEG DSM-CC en Wireshark v1.8.x antes de v1.8.7 utiliza una cadena de formato incorrecto, lo que permite a atacantes remotos provocar una denegaci... • http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-mpeg-dsmcc.c?r1=48332&r2=48331&pathrev=48332 • CWE-134: Use of Externally-Controlled Format String •
CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2013-3561 – wireshark: Multiple Denial of Service flaws
https://notcve.org/view.php?id=CVE-2013-3561
25 May 2013 — Multiple integer overflows in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a denial of service (loop or application crash) via a malformed packet, related to a crash of the Websocket dissector, an infinite loop in the MySQL dissector, and a large loop in the ETCH dissector. Múltiples desbordamientos de enteros en Wireshark v1.8.x antes de v1.8.7 permite a atacantes remotos provocar una denegación de servicio (bucle o caída de aplicación) a través de un paquete mal formado, en relación con un... • http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-etch.c?r1=48919&r2=48918&pathrev=48919 • CWE-189: Numeric Errors •
CVSS: 7.5EPSS: 1%CPEs: 11EXPL: 1CVE-2013-3562 – Debian Security Advisory 2700-1
https://notcve.org/view.php?id=CVE-2013-3562
25 May 2013 — Multiple integer signedness errors in the tvb_unmasked function in epan/dissectors/packet-websocket.c in the Websocket dissector in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a denial of service (application crash) via a malformed packet. Múltiples errores de signo de enteros en la función tvb_unmasked en epan/dissectors/packets-websocket.c en el Websocket dissector en Wireshark v1.8.x antes de v1.8.7 permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) a t... • http://anonsvn.wireshark.org/viewvc/trunk-1.8/epan/dissectors/packet-websocket.c?r1=48419&r2=48418&pathrev=48419 • CWE-189: Numeric Errors •
CVSS: 7.5EPSS: 78%CPEs: 23EXPL: 0CVE-2002-2443 – krb5: UDP ping-pong flaw in kpasswd
https://notcve.org/view.php?id=CVE-2002-2443
21 May 2013 — schpw.c in the kpasswd service in kadmind in MIT Kerberos 5 (aka krb5) before 1.11.3 does not properly validate UDP packets before sending responses, which allows remote attackers to cause a denial of service (CPU and bandwidth consumption) via a forged packet that triggers a communication loop, as demonstrated by krb_pingpong.nasl, a related issue to CVE-1999-0103. schpw.c en el servicio kpasswd en kadmind en MIT Kerberos 5 (conocido como krb5) anterior a v1.11.3 no valida correctamente los paquetes UDP an... • http://krbdev.mit.edu/rt/Ticket/Display.html?id=7637 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 0%CPEs: 26EXPL: 0CVE-2013-3324 – flash-plugin: multiple code execution flaws (APSB13-14)
https://notcve.org/view.php?id=CVE-2013-3324
16 May 2013 — Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x, and before 11.1.115.58 on Android 4.x; Adobe AIR before 3.7.0.1860; and Adobe AIR SDK & Compiler before 3.7.0.1860 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2728, CVE-2013-3325, CVE-2013-3326, CVE-2013-332... • http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00003.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 0%CPEs: 26EXPL: 0CVE-2013-3326 – flash-plugin: multiple code execution flaws (APSB13-14)
https://notcve.org/view.php?id=CVE-2013-3326
16 May 2013 — Adobe Flash Player before 10.3.183.86 and 11.x before 11.7.700.202 on Windows and Mac OS X, before 10.3.183.86 and 11.x before 11.2.202.285 on Linux, before 11.1.111.54 on Android 2.x and 3.x, and before 11.1.115.58 on Android 4.x; Adobe AIR before 3.7.0.1860; and Adobe AIR SDK & Compiler before 3.7.0.1860 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2728, CVE-2013-3324, CVE-2013-3325, CVE-2013-332... • http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00003.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •