Wireshark 2.0.x < 2.0.14 Multiple Vulnerabilities (macOS)

The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 2.0.14. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.0.14 advisory. - In Wireshark through 2.0.13 and 2.2.x through 2.2.7, the openSAFETY dissector could crash or exhaust...

Wireshark 2.0.x < 2.0.14 Multiple Vulnerabilities

The version of Wireshark installed on the remote Windows host is prior to 2.0.14. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.0.14 advisory. - In Wireshark through 2.0.13 and 2.2.x through 2.2.7, the openSAFETY dissector could crash or exhaust system...

Wireshark 2.0.x < 2.0.12 Multiple Vulnerabilities

The version of Wireshark installed on the remote Windows host is prior to 2.0.12. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.0.12 advisory. - In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the RPC over RDMA dissector could go into an infinite loop,...

EUVD-2017-3037

Malware in sbrugna...

EUVD-2016-6310

Malware in sbrugna...

EUVD-2017-16678

Malware in sbrugna...

EUVD-2016-7435

Malware in sbrugna...

SUSE CVE-2016-5359

epan/dissectors/packet-wbxml.c in the WBXML dissector in Wireshark 1.12.x before 1.12.12 mishandles offsets, which allows remote attackers to cause a denial of service integer overflow and infinite loop via a crafted packet...

SUSE CVE-2016-6513

epan/dissectors/packet-wbxml.c in the WBXML dissector in Wireshark 2.x before 2.0.5 does not restrict the recursion depth, which allows remote attackers to cause a denial of service application crash via a crafted packet...

SUSE CVE-2017-11410

In Wireshark through 2.0.13 and 2.2.x through 2.2.7, the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wbxml.c by adding validation of the relationships between indexes and lengths. NOTE: thi...

SUSE: Security Advisory (SUSE-SU-2016:2212-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Samsung Galaxy S7 Edge: Overflow in OMACP WbXml String Extension Processing(CVE-2018-10751)

OMACP is a protocol supported by many mobile devices which allows them to receive provisioning information over the mobile network. One way to provision a device is via a WAP push SMS message containing provisioning information in WbXML. A malformed OMACP WAP push message can cause memory...

Integer overflow

A malformed OMACP WAP push message can cause memory corruption on a Samsung S7 Edge device when processing the String Extension portion of the WbXml payload. This is due to an integer overflow in memory allocation for this string. The Samsung ID is SVE-2018-11463...

Samsung Galaxy S7 Edge - Overflow in OMACP WbXml String Extension Processing

OMACP is a protocol supported by many mobile devices which allows them to receive provisioning information over the mobile network. One way to provision a device is via a WAP push SMS message containing provisioning information in WbXML. A malformed OMACP WAP push message can cause memory...

Samsung Galaxy S7 Edge - Overflow in OMACP WbXml String Extension Processing

Samsung Galaxy S7 Edge - Overflow in OMACP WbXml String Extension Processing OMACP is a protocol supported by many mobile devices which allows them to receive provisioning information over the mobile network. One way to provision a device is via a WAP push SMS message containing provisioning...

SUSE SLED12 / SLES12 Security Update : wireshark (SUSE-SU-2017:2033-1)

This wireshark update to version 2.2.8 fixes the following issues: Security issues fixed : - CVE-2017-11411: The openSAFETY dissectorcould crash or exhaust system memory because of missing length validation. bsc1049621 - CVE-2017-11410: The WBXML dissector could go into an infinite loop. bsc10492...

SUSE SLES11 Security Update : wireshark (SUSE-SU-2017:2032-1)

This wireshark update to version 2.2.8 fixes the following issues: Security issues fixed : - CVE-2017-11411: The openSAFETY dissectorcould crash or exhaust system memory because of missing length validation. bsc1049621 - CVE-2017-11410: The WBXML dissector could go into an infinite loop. bsc10492...

Wireshark Multiple DoS Vulnerabilities (Jul 2017) - Windows

wireshark is prone to multiple denial of service vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2017-11410

In Wireshark through 2.0.13 and 2.2.x through 2.2.7, the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wbxml.c by adding validation of the relationships between indexes and lengths. NOTE: thi...

CVE-2017-11410

In Wireshark through 2.0.13 and 2.2.x through 2.2.7, the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wbxml.c by adding validation of the relationships between indexes and lengths. NOTE: thi...