CVSS: 10.0EPSS: 6%CPEs: 33EXPL: 0CVE-2010-2995 – wireshark: SigComp UDVM dissector buffer overruns
https://notcve.org/view.php?id=CVE-2010-2995
13 Aug 2010 — The SigComp Universal Decompressor Virtual Machine (UDVM) in Wireshark 0.10.8 through 1.0.14 and 1.2.0 through 1.2.9 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to sigcomp-udvm.c and an off-by-one error, which triggers a buffer overflow, different vulnerabilities than CVE-2010-2287. El Universal Decompressor Virtual Machine (UDVM) de SigComp en Wireshark versiones 0.10.8 hasta 1.0.14 y versiones 1.2.0 hasta 1.2.9, permite a los atacant... • http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html • CWE-189: Numeric Errors •
CVSS: 9.8EPSS: 4%CPEs: 34EXPL: 0CVE-2010-2284 – wireshark: ASN.1 BER dissector stack overrun
https://notcve.org/view.php?id=CVE-2010-2284
15 Jun 2010 — Buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors. Desbordamiento de búfer en el analizador ASN.1 BER en Wireshark 0.10.13 a 1.0.13 y 1.2.0 a 1.2.8 tiene un impacto desconocido y vectores de ataque remotos. • http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 35EXPL: 0CVE-2010-2285
https://notcve.org/view.php?id=CVE-2010-2285
15 Jun 2010 — The SMB PIPE dissector in Wireshark 0.8.20 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (NULL pointer dereference) via unknown vectors. El disector de SMB PIPE en Wireshark v0.8.20 a 1.0.13 y v1.2.0 a v1.2.8 permite a atacantes remotos provocar una denegación de servicio (desreferencia de puntero nulo) a través de vectores desconocidos. • http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html •
CVSS: 7.5EPSS: 1%CPEs: 41EXPL: 0CVE-2010-2286 – wireshark: SigComp UDVM dissector infinite loop
https://notcve.org/view.php?id=CVE-2010-2286
15 Jun 2010 — The SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.7 through 1.0.13 and 1.2.0 through 1.2.8 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors. El analizador de protocolo SigComp Universal Decompressor Virtual Machine en Wireshark v0.10.7 hasta v1.0.13 y v1.2.0 hasta v1.2.8 permite a atacantes remotos provocar una denegación de servicio (búcle infinito) a través de vectores desconocidos. • http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html • CWE-399: Resource Management Errors CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 9.8EPSS: 4%CPEs: 39EXPL: 0CVE-2010-2287 – wireshark: SigComp UDVM dissector buffer overruns
https://notcve.org/view.php?id=CVE-2010-2287
15 Jun 2010 — Buffer overflow in the SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.8 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors. Desbordamiento de búfer en el disector de SigComp Universal Decompressor Virtual Machine de Wireshark v0.10.8 a v1.0.13 y v1.2.0 a v1.2.8 tiene un impacto desconocido y vectores de ataque remoto. • http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 1%CPEs: 35EXPL: 0CVE-2010-1455 – wireshark: DOCSIS dissector crash
https://notcve.org/view.php?id=CVE-2010-1455
11 May 2010 — The DOCSIS dissector in Wireshark 0.9.6 through 1.0.12 and 1.2.0 through 1.2.7 allows user-assisted remote attackers to cause a denial of service (application crash) via a malformed packet trace file. El disector de DOCSIS en Wireshark v0.9.6 hasta v1.2.0 y v1.0.12 hasta v1.2.7 permite a atacantes remotos ayudados por el usuario provocar una denegación de servicio (cuelgue de aplicación) a través de un archivo de traza de paquetes mal formado. • http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 67%CPEs: 20EXPL: 4CVE-2010-0304 – Wireshark - LWRES Dissector getaddrsbyname_request Buffer Overflow
https://notcve.org/view.php?id=CVE-2010-0304
03 Feb 2010 — Multiple buffer overflows in the LWRES dissector in Wireshark 0.9.15 through 1.0.10 and 1.2.0 through 1.2.5 allow remote attackers to cause a denial of service (crash) via a malformed packet, as demonstrated using a stack-based buffer overflow to the dissect_getaddrsbyname_request function. Múltiples desbordamientos de búfer en LWRES dissector en Wireshark desde v0.9.15 hasta v1.0.10 y desde v1.2.0 hasta v1.2.5 permite a atacantes remotos producir una denegación de servicio (caída) a través de un paquete ma... • https://www.exploit-db.com/exploits/16289 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 1%CPEs: 36EXPL: 2CVE-2009-4377 – wireshark: invalid pointer dereference in SMB/SMB2 dissectors
https://notcve.org/view.php?id=CVE-2009-4377
21 Dec 2009 — The (1) SMB and (2) SMB2 dissectors in Wireshark 0.9.0 through 1.2.4 allow remote attackers to cause a denial of service (crash) via a crafted packet that triggers a NULL pointer dereference, as demonstrated by fuzz-2009-12-07-11141.pcap. El analizador (1) SMB y (2) SMB2 en Wireshark v0.9.0 hasta v1.2.4 permite a atacantes remotos provocar una denegación de servicio (caída) mediante un paquete modificado, como se ha demostrado por fuzz-2009-12-07-11141.pcap. • http://osvdb.org/61178 •
CVSS: 9.8EPSS: 5%CPEs: 53EXPL: 0CVE-2009-3829 – wireshark: unsigned integer wrap vulnerability in ERF reader (VU#676492)
https://notcve.org/view.php?id=CVE-2009-3829
30 Oct 2009 — Integer overflow in wiretap/erf.c in Wireshark before 1.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted erf file, related to an "unsigned integer wrap vulnerability." Desbordamiento de entero en wiretap/erf.c en Wireshark en versiones anteriores a v1.2.2 permite a atacantes remotos ejecutar código arbitrario o producir una denegación de servicio (caída de aplicación) a través de un fichero erf manipulado, relacionado con la vulnerabilidad ... • http://anonsvn.wireshark.org/viewvc/trunk/wiretap/erf.c?view=markup&pathrev=29364 • CWE-189: Numeric Errors •
CVSS: 9.3EPSS: 1%CPEs: 28EXPL: 0CVE-2009-3550 – Wireshark: NULL pointer dereference in the DCERPC over SMB packet disassembly
https://notcve.org/view.php?id=CVE-2009-3550
30 Oct 2009 — The DCERPC/NT dissector in Wireshark 0.10.10 through 1.0.9 and 1.2.0 through 1.2.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a file that records a malformed packet trace. NOTE: some of these details are obtained from third party information. El analizador DCERPC/NT en Wireshark desde v0.10.10 hasta v1.0.9 y desde v1.2.0 hasta v1.2.2 permite a atacantes remotos producir una denegación de servicio (desreferencia a puntero NULL y caída de aplicaci... • http://secunia.com/advisories/37175 • CWE-476: NULL Pointer Dereference •