10 matches found
Backdrop CMS Cross-Site Scripting Vulnerability
Backdrop CMS is an open source content management system CMS. A cross-site scripting vulnerability exists in Backdrop CMS versions 1.12.x before 1.12.8 and 1.13.x before 1.13.3. The vulnerability stems from a lack of proper validation of client-side data in the web application. An attacker can...
CVE-2016-5350
epan/dissectors/packet-dcerpc-spoolss.c in the SPOOLS component in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles unexpected offsets, which allows remote attackers to cause a denial of service infinite loop via a crafted packet...
CVE-2016-6508
epan/dissectors/packet-rlc.c in the RLC dissector in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 uses an incorrect integer data type, which allows remote attackers to cause a denial of service large loop via a crafted packet...
CVE-2016-6508
epan/dissectors/packet-rlc.c in the RLC dissector in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 uses an incorrect integer data type, which allows remote attackers to cause a denial of service large loop via a crafted packet...
CVE-2016-4418
epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.12.x before 1.12.10 and 2.x before 2.0.2 allows remote attackers to cause a denial of service buffer over-read and application crash via a crafted packet that triggers an empty set...
Wireshark GSM CBCH Parser Denial of Service Vulnerability
Wireshark formerly known as Ethereal is a suite of network packet analysis software developed by the Wireshark team. A security vulnerability in the epan/dissectors/packet-gsmcbch.c file in the GSM CBCH parser in Wireshark versions 1.12.11 prior to 1.12.x and 2.0.3 prior to 2.0.x can be exploited...
UBUNTU-CVE-2016-4006
epan/proto.c in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 does not limit the protocol-tree depth, which allows remote attackers to cause a denial of service stack memory consumption and application crash via a crafted packet...
Wireshark Denial of Service Vulnerability (CNVD-2015-03485)
Wireshark is the most popular network protocol parser. A denial of service vulnerability exists in Wireshark version 1.12.x prior to 1.12.5 that allows remote attackers to cause a denial of service via a crafted message packet...
CVE-2015-0560
The dissectwccp2r1addresstableinfo function in epan/dissectors/packet-wccp.c in the WCCP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 does not initialize certain data structures, which allows remote attackers to cause a denial of service application crash via a crafted...
DEBIAN-CVE-2004-0417
Integer overflow in the "Max-dotdot" CVS protocol command servemaxdotdot for CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to cause a server crash, which could cause temporary data to remain undeleted and consume disk space...