828 matches found
CVE-2016-2529
CVE-2016-2529 affects Wireshark 2.0.x before 2.0.2. The iseries_check_file_type function in wiretap/iseries.c does not account for lines that may lack the OBJECT PROTOCOL substring, enabling remote attackers to trigger a denial of service via a crafted file (out-of-bounds read and application cra...
Wireshark 1.12.x < 1.12.9 Multiple DoS
The version of Wireshark installed on the remote Windows host is 1.12.x prior to 1.12.9. It is, therefore, affected by multiple denial of service vulnerabilities in the following components : - 802.11 dissector - AllJoyn dissector - ANSI A dissector - Ascend file parser - BER dissector - DCOM...
Wireshark Sniffer File Parser Denial of Service Vulnerability
Wireshark is the most popular network protocol parser. Wireshark version 2.0.x prior to 2.0.1 and version 1.12.x prior to 1.12.9 The ngsnifferprocessrecord function in wiretap/ngsniffer.c in the Sniffer file parser fails to correctly validate the relationship between the length of the record and...
CVE-2015-8737
The mp2topen function in wiretap/mp2t.c in the MP2T file parser in Wireshark 2.0.x before 2.0.1 does not validate the bit rate, which allows remote attackers to cause a denial of service divide-by-zero error and application crash via a crafted file...
CVE-2015-8733
The ngsnifferprocessrecord function in wiretap/ngsniffer.c in the Sniffer file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationships between record lengths and record header lengths, which allows remote attackers to cause a denial of service...
DEBIAN-CVE-2015-8733
The ngsnifferprocessrecord function in wiretap/ngsniffer.c in the Sniffer file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationships between record lengths and record header lengths, which allows remote attackers to cause a denial of service...
CVE-2015-8729
The ascendseek function in wiretap/ascendtext.c in the Ascend file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not ensure the presence of a '\0' character at the end of a date string, which allows remote attackers to cause a denial of service out-of-bounds read and...
DEBIAN-CVE-2015-8729
The ascendseek function in wiretap/ascendtext.c in the Ascend file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not ensure the presence of a '\0' character at the end of a date string, which allows remote attackers to cause a denial of service out-of-bounds read and...
DEBIAN-CVE-2015-8726
wiretap/vwr.c in the VeriWave file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate certain signature and Modulation and Coding Scheme MCS data, which allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted file...
UBUNTU-CVE-2015-8733
The ngsnifferprocessrecord function in wiretap/ngsniffer.c in the Sniffer file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationships between record lengths and record header lengths, which allows remote attackers to cause a denial of service...
CVE-2015-8736
The mp2tfindnextpcr function in wiretap/mp2t.c in the MP2T file parser in Wireshark 2.0.x before 2.0.1 does not reserve memory for a trailer, which allows remote attackers to cause a denial of service stack-based buffer overflow and application crash via a crafted file...
Out-of-bounds
wiretap/vwr.c in the VeriWave file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate certain signature and Modulation and Coding Scheme MCS data, which allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted file...
CVE-2015-8726
wiretap/vwr.c in the VeriWave file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate certain signature and Modulation and Coding Scheme MCS data, which allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted file...
Out-of-bounds
The ngsnifferprocessrecord function in wiretap/ngsniffer.c in the Sniffer file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate the relationships between record lengths and record header lengths, which allows remote attackers to cause a denial of service...
CVE-2015-8729
The ascendseek function in wiretap/ascendtext.c in the Ascend file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not ensure the presence of a '\0' character at the end of a date string, which allows remote attackers to cause a denial of service out-of-bounds read and...
Out-of-bounds
The ascendseek function in wiretap/ascendtext.c in the Ascend file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not ensure the presence of a '\0' character at the end of a date string, which allows remote attackers to cause a denial of service out-of-bounds read and...
CVE-2015-8729
The ascendseek function in wiretap/ascendtext.c in the Ascend file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not ensure the presence of a '\0' character at the end of a date string, which allows remote attackers to cause a denial of service out-of-bounds read and...
CVE-2015-8726
wiretap/vwr.c in the VeriWave file parser in Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1 does not validate certain signature and Modulation and Coding Scheme MCS data, which allows remote attackers to cause a denial of service out-of-bounds read and application crash via a crafted file...
CVE-2015-8726
Wireshark contains CVE-2015-8726 in the VeriWave file parser (wiretap/vwr.c): it does not validate certain signature and MCS data in crafted files, enabling remote attackers to trigger a DoS via out-of-bounds reads and app crashes. Affected: Wireshark 1.12.x before 1.12.9 and 2.0.x before 2.0.1. ...
CVE-2015-8729
The CVE-2015-8729 entry concerns Wireshark’s Ascend file parser. The ascend_seek function in wiretap/ascendtext.c does not ensure a terminating '\0' in a date string, enabling remote attackers to trigger an out-of-bounds read and application crash via a crafted file. Affected product family: Wire...