Wireshark: >> Wireshark >> 0.10.1 Security Vulnerabilities
epan/dissectors/packet-ntlmssp.c in the NTLMSSP dissector in Wireshark before 1.4.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted .pcap file.
CVSS Score
4.3
EPSS Score
0.128
Published
2011-03-03
Untrusted search path vulnerability in Wireshark 0.8.4 through 1.0.15 and 1.2.0 through 1.2.10 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse airpcap.dll, and possibly other DLLs, that is located in the same folder as a file that automatically launches Wireshark.
CVSS Score
9.3
EPSS Score
0.007
Published
2010-08-26
Integer overflow in wiretap/erf.c in Wireshark before 1.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted erf file, related to an "unsigned integer wrap vulnerability."
CVSS Score
9.3
EPSS Score
0.056
Published
2009-10-30
Unspecified vulnerability in Wireshark before 1.0.7 has unknown impact and attack vectors.
CVSS Score
10.0
EPSS Score
0.005
Published
2009-04-21
Format string vulnerability in the PROFINET/DCP (PN-DCP) dissector in Wireshark 1.0.6 and earlier allows remote attackers to execute arbitrary code via a PN-DCP packet with format string specifiers in the station name. NOTE: some of these details are obtained from third party information.
CVSS Score
10.0
EPSS Score
0.345
Published
2009-04-01
Wireshark 1.0.4 and earlier allows remote attackers to cause a denial of service via a long SMTP request, which triggers an infinite loop.
CVSS Score
5.0
EPSS Score
0.024
Published
2008-12-01
Wireshark (formerly Ethereal) 0.9.7 through 1.0.2 allows attackers to cause a denial of service (hang) via a crafted NCP packet that triggers an infinite loop.
CVSS Score
5.0
EPSS Score
0.007
Published
2008-09-04
Wireshark 0.99.5 and 0.10.x up to 0.10.14, when running on certain systems, allows remote attackers to cause a denial of service (crash) via crafted iSeries capture files that trigger a SIGTRAP.
CVSS Score
5.0
EPSS Score
0.014
Published
2007-06-26
Wireshark before 0.99.6 allows remote attackers to cause a denial of service via malformed (1) SSL or (2) MMS packets that trigger an infinite loop.
CVSS Score
5.0
EPSS Score
0.019
Published
2007-06-26
Off-by-one error in the DHCP/BOOTP dissector in Wireshark before 0.99.6 allows remote attackers to cause a denial of service (crash) via crafted DHCP-over-DOCSIS packets.
CVSS Score
5.0
EPSS Score
0.029
Published
2007-06-26