CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-9617
https://notcve.org/view.php?id=CVE-2017-9617
In Wireshark 2.2.7, deeply nested DAAP data may cause stack exhaustion (uncontrolled recursion) in the dissect_daap_one_tag function in epan/dissectors/packet-daap.c in the DAAP dissector. En Wireshark 2.2.7, en los datos DAAP alojados profundamente podrían causar agotamiento de la pila (recursión incontrolada en la función dissect_daap_one_tag en epan/dissectors/packet-daap.c en el disector DAAP. • http://www.securityfocus.com/bid/99087 http://www.securitytracker.com/id/1038706 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13799 • CWE-674: Uncontrolled Recursion •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2017-9616
https://notcve.org/view.php?id=CVE-2017-9616
In Wireshark 2.2.7, overly deep mp4 chunks may cause stack exhaustion (uncontrolled recursion) in the dissect_mp4_box function in epan/dissectors/file-mp4.c. En Wireshark 2.2.7, pedazos mp4 excesivamente profundos podrían causar agotamiento de pila -stack- (recursión incontrolable en la función dissect_mp4_box epan/dissector/file-mp4.c • http://www.securityfocus.com/bid/99085 http://www.securitytracker.com/id/1038706 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13777 • CWE-674: Uncontrolled Recursion •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2017-9343
https://notcve.org/view.php?id=CVE-2017-9343
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the MSNIP dissector misuses a NULL pointer. This was addressed in epan/dissectors/packet-msnip.c by validating an IPv4 address. En Wireshark versión 2.2.0 hasta 2.2.6 y versión 2.0.0 hasta 2.0.12, el disector MSNIP hace un uso inapropiado de un puntero NULL. Esto fue dirigido en el archivo epan/dissectors/packet-msnip.c validando una dirección IPv4. • http://www.securityfocus.com/bid/98797 http://www.securitytracker.com/id/1038612 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1678 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13725 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=27556320b41904716b9c9f73ef8f4fe705d1e669 https://www.wireshark.org/security/wnpa-sec-2017-30.html • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2017-9344
https://notcve.org/view.php?id=CVE-2017-9344
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the Bluetooth L2CAP dissector could divide by zero. This was addressed in epan/dissectors/packet-btl2cap.c by validating an interval value. En Wireshark versión 2.2.0 hasta 2.2.6 y versión 2.0.0 hasta 2.0.12, el disector Bluetooth L2CAP podría dividirse por cero. Esto se abordó en epan/dissectors/packet-btl2cap.c mediante la comprobación de un valor de intervalo. • http://www.securityfocus.com/bid/98796 http://www.securitytracker.com/id/1038612 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1539 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13701 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=6308ae03d82a29a2e3d75e1c325c8a9f6c44dcdf https://lists.debian.org/debian-lts-announce/2019/03/msg00031.html https://www.wireshark.org/security/wnpa-sec-2017-29.html • CWE-369: Divide By Zero •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2017-9349
https://notcve.org/view.php?id=CVE-2017-9349
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DICOM dissector has an infinite loop. This was addressed in epan/dissectors/packet-dcm.c by validating a length value. En Wireshark versión 2.2.0 hasta 2.2.6 y versión 2.0.0 hasta 2.0.12, el disector DICOM tiene un bucle infinito. Esto se abordó en epan/dissectors/packet-dcm.c mediante la comprobación de un valor de longitud. • http://www.securityfocus.com/bid/98803 http://www.securitytracker.com/id/1038612 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1329 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13685 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=cb1b6494c44c9e939d9e2554de6b812de395e3f9 https://lists.debian.org/debian-lts-announce/2019/03/msg00031.html https://www.wireshark.org/security/wnpa-sec-2017-27.html • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •