CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2015-8714 – Debian Security Advisory 3505-1
https://notcve.org/view.php?id=CVE-2015-8714
04 Jan 2016 — The dissect_dcom_OBJREF function in epan/dissectors/packet-dcom.c in the DCOM dissector in Wireshark 1.12.x before 1.12.9 does not initialize a certain IPv4 data structure, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. La función dissect_dcom_OBJREF en epan/dissectors/packet-dcom.c en el disector DCOM en Wireshark 1.12.x en versiones anteriores a 1.12.9 does no inicializa una cierta estructura de datos IPv4, lo que permite a atacantes remotos provocar u... • http://www.debian.org/security/2016/dsa-3505 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2015-8715 – Debian Security Advisory 3505-1
https://notcve.org/view.php?id=CVE-2015-8715
04 Jan 2016 — epan/dissectors/packet-alljoyn.c in the AllJoyn dissector in Wireshark 1.12.x before 1.12.9 does not check for empty arguments, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet. epan/dissectors/packet-alljoyn.c en el disector AllJoyn en Wireshark 1.12.x en versiones anteriores a 1.12.9 no comprueba para argumentos vacíos, lo que permite a atacantes remotos provocar una denegación de servicio (búcle infinito) a través de un paquete manipulado. Multiple vulnerabi... • http://www.debian.org/security/2016/dsa-3505 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 0CVE-2015-8716 – Debian Security Advisory 3505-1
https://notcve.org/view.php?id=CVE-2015-8716
04 Jan 2016 — The init_t38_info_conv function in epan/dissectors/packet-t38.c in the T.38 dissector in Wireshark 1.12.x before 1.12.9 does not ensure that a conversation exists, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. La función init_t38_info_conv en epan/dissectors/packet-t38.c en el disector T.38 en Wireshark 1.12.x en versiones anteriores a 1.12.9 no asegura que exista una conversación, lo que permite a atacantes remotos provocar una denegación de servicio (... • http://www.debian.org/security/2016/dsa-3505 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2015-8717 – Debian Security Advisory 3505-1
https://notcve.org/view.php?id=CVE-2015-8717
04 Jan 2016 — The dissect_sdp function in epan/dissectors/packet-sdp.c in the SDP dissector in Wireshark 1.12.x before 1.12.9 does not prevent use of a negative media count, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. La función dissect_sdp en epan/dissectors/packet-sdp.c en el disector SDP en Wireshark 1.12.x en versiones anteriores a 1.12.9 no impide utilizar una cuenta negativa de medios, lo que permite a atacantes remotos provocar una denegación de servicio (ca... • http://www.debian.org/security/2016/dsa-3505 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 0CVE-2015-8718 – Debian Security Advisory 3505-1
https://notcve.org/view.php?id=CVE-2015-8718
04 Jan 2016 — Double free vulnerability in epan/dissectors/packet-nlm.c in the NLM dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1, when the "Match MSG/RES packets for async NLM" option is enabled, allows remote attackers to cause a denial of service (application crash) via a crafted packet. Vulnerabilidad de liberación doble en epan/dissectors/packet-nlm.c en el disector NLM en Wireshark 1.12.x en versiones anteriores a 1.12.9 y 2.0.x en versiones anterioers a 2.0.1, cuando la opción "Match MSG/RES pa... • http://www.debian.org/security/2016/dsa-3505 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2015-8719 – Debian Security Advisory 3505-1
https://notcve.org/view.php?id=CVE-2015-8719
04 Jan 2016 — The dissect_dns_answer function in epan/dissectors/packet-dns.c in the DNS dissector in Wireshark 1.12.x before 1.12.9 mishandles the EDNS0 Client Subnet option, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. La función dissect_dns_answer en epan/dissectors/packet-dns.c en el disector DNS en Wireshark 1.12.x en versiones anteriores a 1.12.9 no maneja correctamente la opción EDNS0 Client Subnet, lo que permite a atacantes remotos provocar una denegación d... • http://www.debian.org/security/2016/dsa-3505 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2015-8720 – Debian Security Advisory 3505-1
https://notcve.org/view.php?id=CVE-2015-8720
04 Jan 2016 — The dissect_ber_GeneralizedTime function in epan/dissectors/packet-ber.c in the BER dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 improperly checks an sscanf return value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. La función dissect_ber_GeneralizedTime en epan/dissectors/packet-ber.c en el disector BER en Wireshark 1.12.x en versiones anteriores a 1.12.9 y 2.0.x en versiones anteriores a 2.0.1 verifica indebidamente un valor de ... • http://www.debian.org/security/2016/dsa-3505 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2015-8721 – Debian Security Advisory 3505-1
https://notcve.org/view.php?id=CVE-2015-8721
04 Jan 2016 — Buffer overflow in the tvb_uncompress function in epan/tvbuff_zlib.c in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 allows remote attackers to cause a denial of service (application crash) via a crafted packet with zlib compression. Desbordamiento de buffer en la función tvb_uncompress en epan/tvbuff_zlib.c en Wireshark 1.12.x en versiones anteriores a 1.12.9 y 2.0.x en versiones anteriores a 2.0.1 permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) a través de un... • http://www.debian.org/security/2016/dsa-3505 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 0CVE-2015-8722 – Debian Security Advisory 3505-1
https://notcve.org/view.php?id=CVE-2015-8722
04 Jan 2016 — epan/dissectors/packet-sctp.c in the SCTP dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the frame pointer, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet. epan/dissectors/packet-sctp.c en el disector SCTP en Wireshark 1.12.x en versiones anteriores a 1.12.9 y 2.0.x en versiones anteriores a 2.0.1 no valida el puntero del frame, lo que permite a atacantes remotos provocar una denegación de... • http://www.debian.org/security/2016/dsa-3505 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 1CVE-2015-8723 – Wireshark - AirPDcapPacketProcess Stack Buffer Overflow
https://notcve.org/view.php?id=CVE-2015-8723
04 Jan 2016 — The AirPDcapPacketProcess function in epan/crypt/airpdcap.c in the 802.11 dissector in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationship between the total length and the capture length, which allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet. La función AirPDcapPacketProcess en epan/crypt/airpdcap.c en el disector 802.11 en Wireshark 1.12.x en versiones anteriores a 1.12.9 y 2.0.x en versiones ... • https://www.exploit-db.com/exploits/39005 • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •