CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2015-3815 – Gentoo Linux Security Advisory 201510-03
https://notcve.org/view.php?id=CVE-2015-3815
14 May 2015 — The detect_version function in wiretap/logcat.c in the Android Logcat file parser in Wireshark 1.12.x before 1.12.5 does not check the length of the payload, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a packet with a crafted payload, as demonstrated by a length of zero, a different vulnerability than CVE-2015-3906. La función detect_version en wiretap/logcat.c en el analizador sintáctico de ficheros de Android Logcat en Wireshark 1.12.x anterior... • http://www.debian.org/security/2015/dsa-3277 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2015-2187 – Gentoo Linux Security Advisory 201510-03
https://notcve.org/view.php?id=CVE-2015-2187
08 Mar 2015 — The dissect_atn_cpdlc_heur function in asn1/atn-cpdlc/packet-atn-cpdlc-template.c in the ATN-CPDLC dissector in Wireshark 1.12.x before 1.12.4 does not properly follow the TRY/ENDTRY code requirements, which allows remote attackers to cause a denial of service (stack memory corruption and application crash) via a crafted packet. La función dissect_atn_cpdlc_heur en asn1/atn-cpdlc/packet-atn-cpdlc-template.c en el disector ATN-CPDLC en Wireshark 1.12.x anterior a 1.12.4 no sigue correctamente los requisitos ... • http://lists.opensuse.org/opensuse-updates/2015-03/msg00038.html • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 24EXPL: 0CVE-2015-2188 – wireshark: The WCP dissector could crash while decompressing data (wnpa-sec-2015-07)
https://notcve.org/view.php?id=CVE-2015-2188
08 Mar 2015 — epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet that is improperly handled during decompression. epan/dissectors/packet-wcp.c en el disector WCP en Wireshark 1.10.x anterior a 1.10.13 y 1.12.x anterior a 1.12.4 no inicializa correctamente una estructura de datos, lo que permite a... • http://advisories.mageia.org/MGASA-2015-0117.html • CWE-19: Data Processing Errors CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 24EXPL: 0CVE-2015-2189 – wireshark: The pcapng file parser could crash (wnpa-sec-2015-08)
https://notcve.org/view.php?id=CVE-2015-2189
08 Mar 2015 — Off-by-one error in the pcapng_read function in wiretap/pcapng.c in the pcapng file parser in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via an invalid Interface Statistics Block (ISB) interface ID in a crafted packet. Error de superación de límite (off-by-one) en la función pcapng_read en wiretap/pcapng.c en el analizador sintáctico pcapng en Wireshark 1.10.x anterior a 1.10.13 y 1.12.x anterior a ... • http://advisories.mageia.org/MGASA-2015-0117.html • CWE-189: Numeric Errors CWE-193: Off-by-one Error •
CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0CVE-2015-2190 – Gentoo Linux Security Advisory 201510-03
https://notcve.org/view.php?id=CVE-2015-2190
08 Mar 2015 — epan/proto.c in Wireshark 1.12.x before 1.12.4 does not properly handle integer data types greater than 32 bits in size, which allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted packet that is improperly handled by the LLDP dissector. epan/proto.c en Wireshark 1.12.x anterior a 1.12.4 no maneja correctamente los tipos de datos de enteros mayores a 32 bits en tamaño, lo que permite a atacantes remotos causar una denegación de servicio (fallo de aserció... • http://lists.opensuse.org/opensuse-updates/2015-03/msg00038.html • CWE-19: Data Processing Errors •
CVSS: 7.5EPSS: 0%CPEs: 22EXPL: 0CVE-2015-2191 – wireshark: The TNEF dissector could go into an infinite loop on 32-bit architectures (wnpa-sec-2015-10)
https://notcve.org/view.php?id=CVE-2015-2191
08 Mar 2015 — Integer overflow in the dissect_tnef function in epan/dissectors/packet-tnef.c in the TNEF dissector in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted length field in a packet. Desbordamiento de enteros en la función dissect_tnef en epan/dissectors/packet-tnef.c en el disector TNEF en Wireshark 1.10.x anterior a 1.10.13 y 1.12.x anterior a 1.12.4 permite a atacantes remotos causar una denegación de servicio (bucle i... • http://advisories.mageia.org/MGASA-2015-0117.html • CWE-189: Numeric Errors CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2015-2192 – Gentoo Linux Security Advisory 201510-03
https://notcve.org/view.php?id=CVE-2015-2192
08 Mar 2015 — Integer overflow in the dissect_osd2_cdb_continuation function in epan/dissectors/packet-scsi-osd.c in the SCSI OSD dissector in Wireshark 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted length field in a packet. Desbordamiento de enteros en la función dissect_osd2_cdb_continuation en epan/dissectors/packet-scsi-osd.c en el disector SCSI OSD en Wireshark 1.12.x anterior a 1.12.4 permite a atacantes remotos causar una denegación de servicio (bucle infin... • http://lists.opensuse.org/opensuse-updates/2015-03/msg00038.html • CWE-189: Numeric Errors •