Page 26 of 295 results (0.007 seconds)

CVSS: 6.8EPSS: 1%CPEs: 11EXPL: 1

epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.8.x before 1.8.7 uses incorrect integer data types, which allows remote attackers to cause a denial of service (integer overflow, and heap memory corruption or NULL pointer dereference, and application crash) via a malformed packet. epan/dissectors/packet-dcp-etsi.c en el disector DCP ETSI en Wireshar v1.8.x antes de v1.8.7 utiliza tipos de datos enteros incorrectos, lo que permite a atacantes remotos provocar una denegación de servicio (desbordamiento de enteros y corrupción de memoria dinámica o referencia a un puntero NULL y caída de aplicación) a través de un paquete mal formado. • http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-dcp-etsi.c?r1=48644&r2=48643&pathrev=48644 http://anonsvn.wireshark.org/viewvc?view=revision&revision=48644 http://lists.opensuse.org/opensuse-updates/2013-06/msg00048.html http://lists.opensuse.org/opensuse-updates/2013-06/msg00083.html http://lists.opensuse.org/opensuse-updates/2013-06/msg00194.html http://lists.opensuse.org/opensuse-updates/2013-06/msg00196.html http://rhn.redhat.com/errata/RHSA-2014-0341.html http://sec • CWE-189: Numeric Errors •

CVSS: 5.0EPSS: 4%CPEs: 11EXPL: 1

The dissect_dsmcc_un_download function in epan/dissectors/packet-mpeg-dsmcc.c in the MPEG DSM-CC dissector in Wireshark 1.8.x before 1.8.7 uses an incorrect format string, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. La función dissect_dsmcc_un_download en epan/dissectors/packet-mpeg-dsmcc.c en el disector MPEG DSM-CC en Wireshark v1.8.x antes de v1.8.7 utiliza una cadena de formato incorrecto, lo que permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) a través de un paquete mal formado. • http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-mpeg-dsmcc.c?r1=48332&r2=48331&pathrev=48332 http://anonsvn.wireshark.org/viewvc?view=revision&revision=48332 http://lists.opensuse.org/opensuse-updates/2013-06/msg00048.html http://lists.opensuse.org/opensuse-updates/2013-06/msg00083.html http://lists.opensuse.org/opensuse-updates/2013-06/msg00194.html http://lists.opensuse.org/opensuse-updates/2013-06/msg00196.html http://secunia.com/advisories/53425 http://secunia.com/advisorie • CWE-134: Use of Externally-Controlled Format String •

CVSS: 5.0EPSS: 0%CPEs: 11EXPL: 1

epan/dissectors/packet-gtpv2.c in the GTPv2 dissector in Wireshark 1.8.x before 1.8.7 calls incorrect functions in certain contexts related to ciphers, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. epan/dissectors/packet-gtpv2.c en el disector GTPv2 en Wireshark v1.8.x antes de v1.8.7, llama a funciones incorrectas en determinados contextos relacionados con sistemas de cifrado, lo que permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) a través de un paquete mal formado. • http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-gtpv2.c?r1=48393&r2=48392&pathrev=48393 http://anonsvn.wireshark.org/viewvc?view=revision&revision=48393 http://lists.opensuse.org/opensuse-updates/2013-06/msg00048.html http://lists.opensuse.org/opensuse-updates/2013-06/msg00083.html http://lists.opensuse.org/opensuse-updates/2013-06/msg00194.html http://lists.opensuse.org/opensuse-updates/2013-06/msg00196.html http://secunia.com/advisories/53425 http://secunia.com/advisories/54 • CWE-20: Improper Input Validation •

CVSS: 5.0EPSS: 0%CPEs: 26EXPL: 0

The fragment_add_seq_common function in epan/reassemble.c in the ASN.1 BER dissector in Wireshark before r48943 has an incorrect pointer dereference during a comparison, which allows remote attackers to cause a denial of service (application crash) via a malformed packet. La función fragment_add_seq_common en epan/reassemble.c en el disector ASN.1 BER en Wireshark antes de r48943 tiene una referencia a un puntero incorrecto durante la comparación, lo que permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) a través de un paquete mal formado. • http://anonsvn.wireshark.org/viewvc/trunk/epan/reassemble.c?r1=48943&r2=48942&pathrev=48943 http://anonsvn.wireshark.org/viewvc?view=revision&revision=48943 http://lists.opensuse.org/opensuse-updates/2013-06/msg00048.html http://lists.opensuse.org/opensuse-updates/2013-06/msg00083.html http://lists.opensuse.org/opensuse-updates/2013-06/msg00194.html http://lists.opensuse.org/opensuse-updates/2013-06/msg00196.html http://secunia.com/advisories/53425 http://secunia.com/advisories/54425 http:/ • CWE-20: Improper Input Validation •

CVSS: 5.0EPSS: 1%CPEs: 11EXPL: 1

Multiple integer signedness errors in the tvb_unmasked function in epan/dissectors/packet-websocket.c in the Websocket dissector in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a denial of service (application crash) via a malformed packet. Múltiples errores de signo de enteros en la función tvb_unmasked en epan/dissectors/packets-websocket.c en el Websocket dissector en Wireshark v1.8.x antes de v1.8.7 permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) a través de un paquete mal formado. • http://anonsvn.wireshark.org/viewvc/trunk-1.8/epan/dissectors/packet-websocket.c?r1=48419&r2=48418&pathrev=48419 http://anonsvn.wireshark.org/viewvc?view=revision&revision=48419 http://lists.opensuse.org/opensuse-updates/2013-06/msg00194.html http://lists.opensuse.org/opensuse-updates/2013-06/msg00196.html http://secunia.com/advisories/53425 http://secunia.com/advisories/54425 http://www.debian.org/security/2013/dsa-2700 http://www.gentoo.org/security/en/glsa/glsa-201308-05.xml http&# • CWE-189: Numeric Errors •