CVSS: 5.0EPSS: 0%CPEs: 10EXPL: 0CVE-2013-4932 – wireshark: Multiple array index errors in the GSM A Common dissector (wnpa-sec-2013-50)
https://notcve.org/view.php?id=CVE-2013-4932
Multiple array index errors in epan/dissectors/packet-gsm_a_common.c in the GSM A Common dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 allow remote attackers to cause a denial of service (application crash) via a crafted packet. Múltiples errores de indexación de matrices en epan/dissectors/packet-gsm_a_common.c el disector GSM A Common de Wireshark 1.8.x anterior 1.8.9 y 1.10.x anterior 1.10.1, permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) a través de un paquete manipulado. • http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-gsm_a_common.c?r1=50672&r2=50671&pathrev=50672 http://anonsvn.wireshark.org/viewvc?view=revision&revision=50672 http://lists.opensuse.org/opensuse-updates/2013-08/msg00004.html http://lists.opensuse.org/opensuse-updates/2013-08/msg00009.html http://rhn.redhat.com/errata/RHSA-2014-0341.html http://secunia.com/advisories/54178 http://secunia.com/advisories/54296 http://secunia.com/advisories/54371 http://secunia.com/adviso • CWE-20: Improper Input Validation •
CVSS: 5.0EPSS: 0%CPEs: 10EXPL: 0CVE-2013-4933 – wireshark: DoS (application crash) in the Netmon file parser (wnpa-sec-2013-51)
https://notcve.org/view.php?id=CVE-2013-4933
The netmon_open function in wiretap/netmon.c in the Netmon file parser in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) via a crafted packet-trace file. La función netmon_open en wiretap/netmon.c del validador de archivos Netmon en Wireshark 1.8.x anterior 1.8.9 y 1.10.x anterior 1.10.1, no asigna memoria decuadamente, lo que permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) a través de un archivo paquet-trace manipulado. • http://anonsvn.wireshark.org/viewvc/trunk/wiretap/netmon.c?r1=49673&r2=49672&pathrev=49673 http://anonsvn.wireshark.org/viewvc?view=revision&revision=49673 http://lists.opensuse.org/opensuse-updates/2013-08/msg00004.html http://lists.opensuse.org/opensuse-updates/2013-08/msg00009.html http://rhn.redhat.com/errata/RHSA-2014-0341.html http://secunia.com/advisories/54178 http://secunia.com/advisories/54296 http://secunia.com/advisories/54371 http://secunia.com/advisories/54425 http:/&#x • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.3EPSS: 0%CPEs: 10EXPL: 0CVE-2013-4934 – wireshark: DoS (application crash) in the Netmon file parser (wnpa-sec-2013-51) (A different flaw than CVE-2013-4933)
https://notcve.org/view.php?id=CVE-2013-4934
The netmon_open function in wiretap/netmon.c in the Netmon file parser in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not initialize certain structure members, which allows remote attackers to cause a denial of service (application crash) via a crafted packet-trace file. La función netmon_open en wiretap/netmon.c del validador de archivos Netmon en Wireshark 1.8.x anterior 1.8.9 y 1.10.x anterior 1.10.1, no inicializa determinados miembros de estructuras, lo que permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) a través de un paquete manipulado. • http://anonsvn.wireshark.org/viewvc/trunk/wiretap/netmon.c?r1=49697&r2=49696&pathrev=49697 http://anonsvn.wireshark.org/viewvc?view=revision&revision=49697 http://lists.opensuse.org/opensuse-updates/2013-08/msg00004.html http://lists.opensuse.org/opensuse-updates/2013-08/msg00009.html http://rhn.redhat.com/errata/RHSA-2014-0341.html http://secunia.com/advisories/54178 http://secunia.com/advisories/54296 http://secunia.com/advisories/54371 http://secunia.com/advisories/54425 http:/&#x • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.3EPSS: 0%CPEs: 10EXPL: 0CVE-2013-4935 – wireshark: DoS (application crash) in the ASN.1 PER dissector (wnpa-sec-2013-52)
https://notcve.org/view.php?id=CVE-2013-4935
The dissect_per_length_determinant function in epan/dissectors/packet-per.c in the ASN.1 PER dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not initialize a length field in certain abnormal situations, which allows remote attackers to cause a denial of service (application crash) via a crafted packet. La función dissect_per_length_determinant en epan/dissectors/packet-smtp.c del disector ASN.1 PER en Wireshark 1.8.x anterior a 1.8.9 y 1.10.x anterior a 1.10.1 no inicializa un tamaño de campo en determinadas situaciones anormales, lo que permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) a través de un paquete manipulado. • http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-per.c?r1=49985&r2=49984&pathrev=49985 http://anonsvn.wireshark.org/viewvc?view=revision&revision=49985 http://lists.opensuse.org/opensuse-updates/2013-08/msg00004.html http://lists.opensuse.org/opensuse-updates/2013-08/msg00009.html http://rhn.redhat.com/errata/RHSA-2014-0341.html http://secunia.com/advisories/54178 http://secunia.com/advisories/54296 http://secunia.com/advisories/54371 http://secunia.com/advisories/54425&# • CWE-189: Numeric Errors •
CVSS: 5.0EPSS: 0%CPEs: 11EXPL: 0CVE-2013-4079
https://notcve.org/view.php?id=CVE-2013-4079
The dissect_schedule_message function in epan/dissectors/packet-gsm_cbch.c in the GSM CBCH dissector in Wireshark 1.8.x before 1.8.8 allows remote attackers to cause a denial of service (infinite loop and application hang) via a crafted packet. La función dissect_schedule_message en epan/dissectors/packet-gsm_cbch.c GSM CBCH dissector en Wireshark 1.8.x anterior 1.8.8 permite a atacantes remotos provocar una denegación de servicio (bucle infinito y cuelgue de aplicación) a través de un paquete manipulado. • http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-gsm_cbch.c?r1=49686&r2=49685&pathrev=49686 http://anonsvn.wireshark.org/viewvc?view=revision&revision=49686 http://lists.opensuse.org/opensuse-updates/2013-06/msg00194.html http://lists.opensuse.org/opensuse-updates/2013-06/msg00196.html http://secunia.com/advisories/53762 http://secunia.com/advisories/54425 http://www.gentoo.org/security/en/glsa/glsa-201308-05.xml http://www.wireshark.org/docs/relnotes/wireshark-1.8.8&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •