Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wireshark wireshark 2.0.0 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2017-6469
In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is an LDSS dissector crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-ldss.c by ensuring that memory is allocated for a certain data structure.
Wireshark Wireshark
Debian Debian Linux 8.0
7.5
CVSSv3
CVE-2017-6470
In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is an IAX2 infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-iax2.c by constraining packet lateness.
Wireshark Wireshark
Debian Debian Linux 8.0
7.5
CVSSv3
CVE-2017-6471
In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a WSP infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wsp.c by validating the capability length.
Wireshark Wireshark
Debian Debian Linux 8.0
7.5
CVSSv3
CVE-2017-6472
In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is an RTMPT dissector infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-rtmpt.c by properly incrementing a certain sequence value.
Wireshark Wireshark
Debian Debian Linux 8.0
7.5
CVSSv3
CVE-2017-6473
In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a K12 file parser crash, triggered by a malformed capture file. This was addressed in wiretap/k12.c by validating the relationships between lengths and offsets.
Wireshark Wireshark
Debian Debian Linux 8.0
7.5
CVSSv3
CVE-2017-6474
In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a NetScaler file parser infinite loop, triggered by a malformed capture file. This was addressed in wiretap/netscaler.c by validating record sizes.
Wireshark Wireshark
Debian Debian Linux 8.0
7.5
CVSSv3
CVE-2017-5597
In Wireshark 2.2.0 to 2.2.3 and 2.0.0 to 2.0.9, the DHCPv6 dissector could go into a large loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-dhcpv6.c by changing a data type to avoid an integer overflow.
Wireshark Wireshark 2.0.0
Wireshark Wireshark 2.0.4
Wireshark Wireshark 2.2.0
Wireshark Wireshark 2.0.9
Wireshark Wireshark 2.2.2
Wireshark Wireshark 2.0.1
Wireshark Wireshark 2.2.1
Wireshark Wireshark 2.0.7
Wireshark Wireshark 2.0.2
Wireshark Wireshark 2.0.8
Wireshark Wireshark 2.0.3
Wireshark Wireshark 2.0.6
Wireshark Wireshark 2.2.3
Wireshark Wireshark 2.0.5
7.5
CVSSv3
CVE-2017-5596
In Wireshark 2.2.0 to 2.2.3 and 2.0.0 to 2.0.9, the ASTERIX dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-asterix.c by changing a data type to avoid an integer overflow.
Wireshark Wireshark 2.0.0
Wireshark Wireshark 2.0.4
Wireshark Wireshark 2.2.0
Wireshark Wireshark 2.0.9
Wireshark Wireshark 2.2.2
Wireshark Wireshark 2.0.1
Wireshark Wireshark 2.2.1
Wireshark Wireshark 2.0.7
Wireshark Wireshark 2.0.2
Wireshark Wireshark 2.0.8
Wireshark Wireshark 2.0.3
Wireshark Wireshark 2.0.6
Wireshark Wireshark 2.2.3
Wireshark Wireshark 2.0.5
7.5
CVSSv3
CVE-2016-5350
epan/dissectors/packet-dcerpc-spoolss.c in the SPOOLS component in Wireshark 1.12.x prior to 1.12.12 and 2.x prior to 2.0.4 mishandles unexpected offsets, which allows remote malicious users to cause a denial of service (infinite loop) via a crafted packet.
Wireshark Wireshark 2.0.0
Wireshark Wireshark 1.12.4
Wireshark Wireshark 1.12.10
Wireshark Wireshark 1.12.5
Wireshark Wireshark 1.12.0
Wireshark Wireshark 1.12.9
Wireshark Wireshark 2.0.1
Wireshark Wireshark 1.12.2
Wireshark Wireshark 2.0.2
Wireshark Wireshark 2.0.3
Wireshark Wireshark 1.12.1
Wireshark Wireshark 1.12.7
Wireshark Wireshark 1.12.11
Wireshark Wireshark 1.12.6
Wireshark Wireshark 1.12.3
Wireshark Wireshark 1.12.8
6.5
CVSSv3
CVE-2023-2906
Due to a failure in validating the length provided by an attacker-crafted CP2179 packet, Wireshark versions 2.0.0 up to and including 4.0.7 is susceptible to a divide by zero allowing for a denial of service attack.
Wireshark Wireshark
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »