CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2018-7328
https://notcve.org/view.php?id=CVE-2018-7328
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-usb.c had an infinite loop that was addressed by rejecting short frame header lengths. En Wireshark 2.4.0 a 2.4.4 y 2.2.0 a 2.2.12, epan/dissectors/packet-usb.c tenía un bucle infinito que se abordó rechazando las longitudes de cabecera de trama cortas. • http://www.securityfocus.com/bid/103158 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14421 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=69d09028c956f6e049145485ce9b3e2858789b2b https://www.wireshark.org/security/wnpa-sec-2018-06.html • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2018-7333
https://notcve.org/view.php?id=CVE-2018-7333
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-rpcrdma.c had an infinite loop that was addressed by validating a chunk size. En Wireshark 2.4.0 a 2.4.4 y 2.2.0 a 2.2.12, epan/dissectors/packet-rpcrdma.c tenía un bucle infinito que se abordó validando un tamaño de fragmento. • http://www.securityfocus.com/bid/103158 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14449 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=bd6313181317bfe83842b27650b65f3c2b8d5dc9 https://www.wireshark.org/security/wnpa-sec-2018-06.html • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2018-6836
https://notcve.org/view.php?id=CVE-2018-6836
The netmonrec_comment_destroy function in wiretap/netmon.c in Wireshark through 2.4.4 performs a free operation on an uninitialized memory address, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. La función netmonrec_comment_destroy en wiretap/netmon.c en Wireshark, hasta la versión 2.4.4, realiza una operación de liberación en una dirección de memoria no inicializada, lo que permite que atacantes remotos provoquen una denegación de servicio (cierre inesperado de la aplicación) u otro tipo de impacto sin especificar. • https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14397 https://code.wireshark.org/review/#/c/25660 https://code.wireshark.org/review/#/c/25660/2/wiretap/netmon.c https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=28960d79cca262ac6b974f339697b299a1e28fef • CWE-763: Release of Invalid Pointer or Reference •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2018-5334
https://notcve.org/view.php?id=CVE-2018-5334
In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the IxVeriWave file parser could crash. This was addressed in wiretap/vwr.c by correcting the signature timestamp bounds checks. En Wireshark 2.4.0 a 2.4.3 y 2.2.0 a 2.2.11, el analizador IxVeriWave de archivos podría cerrarse inesperadamente. Esto se abordó en wiretap/vwr.c corrigiendo las comprobaciones de límites de marca de tiempo de firma. • http://www.securityfocus.com/bid/102499 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14297 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=dc308c05ba0673460fe80873b22d296880ee996d https://lists.debian.org/debian-lts-announce/2018/01/msg00032.html https://www.debian.org/security/2018/dsa-4101 https://www.wireshark.org/security/wnpa-sec-2018-03.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2018-5335
https://notcve.org/view.php?id=CVE-2018-5335
In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the WCP dissector could crash. This was addressed in epan/dissectors/packet-wcp.c by validating the available buffer length. En Wireshark 2.4.0 a 2.4.3 y 2.2.0 a 2.2.11, el disector WCP podría cerrarse inesperadamente. Esto se trató en epan/dissectors/packet-wcp.c validando la longitud del búfer disponible. • http://www.securityfocus.com/bid/102500 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14251 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=086b87376b988c555484349aa115d6e08ac6db07 https://lists.debian.org/debian-lts-announce/2018/01/msg00032.html https://www.debian.org/security/2018/dsa-4101 https://www.wireshark.org/security/wnpa-sec-2018-04.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •