Wireshark: >> Wireshark >> 0.99 Security Vulnerabilities
The (1) SMB and (2) SMB2 dissectors in Wireshark 0.9.0 through 1.2.4 allow remote attackers to cause a denial of service (crash) via a crafted packet that triggers a NULL pointer dereference, as demonstrated by fuzz-2009-12-07-11141.pcap.
CVSS Score
4.3
EPSS Score
0.015
Published
2009-12-21
Integer overflow in wiretap/erf.c in Wireshark before 1.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted erf file, related to an "unsigned integer wrap vulnerability."
CVSS Score
9.3
EPSS Score
0.056
Published
2009-10-30
Unspecified vulnerability in the AFS dissector in Wireshark 0.9.2 through 1.2.0 allows remote attackers to cause a denial of service (crash) via unknown vectors.
CVSS Score
5.0
EPSS Score
0.019
Published
2009-07-21
Unspecified vulnerability in the PCNFSD dissector in Wireshark 0.8.20 through 1.0.7 allows remote attackers to cause a denial of service (crash) via crafted PCNFSD packets.
CVSS Score
5.0
EPSS Score
0.024
Published
2009-05-29
Unspecified vulnerability in Wireshark before 1.0.7 has unknown impact and attack vectors.
CVSS Score
10.0
EPSS Score
0.005
Published
2009-04-21
The Check Point High-Availability Protocol (CPHAP) dissector in Wireshark 0.9.6 through 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted FWHA_MY_STATE packet.
CVSS Score
4.3
EPSS Score
0.013
Published
2009-04-13
Unspecified vulnerability in Wireshark 0.99.6 through 1.0.6 allows remote attackers to cause a denial of service (crash) via a crafted Tektronix .rf5 file.
CVSS Score
5.0
EPSS Score
0.014
Published
2009-04-13
Format string vulnerability in the PROFINET/DCP (PN-DCP) dissector in Wireshark 1.0.6 and earlier allows remote attackers to execute arbitrary code via a PN-DCP packet with format string specifiers in the station name. NOTE: some of these details are obtained from third party information.
CVSS Score
10.0
EPSS Score
0.345
Published
2009-04-01
Wireshark 1.0.4 and earlier allows remote attackers to cause a denial of service via a long SMTP request, which triggers an infinite loop.
CVSS Score
5.0
EPSS Score
0.024
Published
2008-12-01
Use-after-free vulnerability in the dissect_q931_cause_ie function in packet-q931.c in the Q.931 dissector in Wireshark 0.10.3 through 1.0.3 allows remote attackers to cause a denial of service (application crash or abort) via certain packets that trigger an exception.
CVSS Score
5.0
EPSS Score
0.011
Published
2008-10-22
Page 1