5 matches found
wireshark-gtk: denial of service
CVE-2016-2522: The dissectberconstrainedbitstring function in epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 2.0.x before 2.0.2 does not verify that a certain length is nonzero, which allows remote attackers to cause a denial of service out-of-bounds read and application...
Wireshark 1.12.x < 1.12.10 Multiple Vulnerabilities (Mac OS X)
The version of Wireshark installed on the remote Mac OS X host is 1.12.x prior to 1.12.10. It is, therefore, affected by multiple vulnerabilities in the following components, which can result in a memory disclosure or a denial of service : - ASN.1 BER dissector - DNP dissector - GSM A-bis OML...
Design/Logic Flaw
The dissectllrpparameters function in epan/dissectors/packet-llrp.c in the LLRP dissector in Wireshark 1.12.x before 1.12.10 and 2.0.x before 2.0.2 does not limit the recursion depth, which allows remote attackers to cause a denial of service memory consumption or application crash via a crafted...
CVE-2016-2532
The dissectllrpparameters function in epan/dissectors/packet-llrp.c in the LLRP dissector in Wireshark 1.12.x before 1.12.10 and 2.0.x before 2.0.2 does not limit the recursion depth, which allows remote attackers to cause a denial of service memory consumption or application crash via a crafted...
CVE-2016-2532
The CVE-2016-2532 entry concerns the LLRP dissector in Wireshark. The function dissect_llrp_parameters in Wireshark 1.12.x before 1.12.10 and 2.0.x before 2.0.2 does not limit recursion depth, allowing remote attackers to cause a denial of service via a crafted packet (memory consumption or crash...