Wireshark 0.10.1

CPE Details

Wireshark 0.10.1
wireshark
wireshark
0.10.1
2024-01-19
13h42 +00:00
2024-01-19
13h42 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:wireshark:wireshark:0.10.1:*:*:*:*:*:*:*

Informations

Vendor

wireshark

Product

wireshark

Version

0.10.1

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2020-26575 2020-10-06 12h57 +00:00 In Wireshark through 3.2.7, the Facebook Zero Protocol (aka FBZERO) dissector could enter an infinite loop. This was addressed in epan/dissectors/packet-fbzero.c by correcting the implementation of offset advancement.
7.5
High
CVE-2018-14438 2018-07-19 22h00 +00:00 In Wireshark through 2.6.2, the create_app_running_mutex function in wsutil/file_util.c calls SetSecurityDescriptorDacl to set a NULL DACL, which allows attackers to modify the access control arbitrarily.
7.5
High
CVE-2018-6836 2018-02-08 06h00 +00:00 The netmonrec_comment_destroy function in wiretap/netmon.c in Wireshark through 2.4.4 performs a free operation on an uninitialized memory address, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.
9.8
Critical
CVE-2017-17997 2017-12-30 06h00 +00:00 In Wireshark before 2.2.12, the MRDISC dissector misuses a NULL pointer and crashes. This was addressed in epan/dissectors/packet-mrdisc.c by validating an IPv4 address. This vulnerability is similar to CVE-2017-9343.
7.5
High
CVE-2017-17935 2017-12-27 06h00 +00:00 The File_read_line function in epan/wslua/wslua_file.c in Wireshark through 2.2.11 does not properly strip '\n' characters, which allows remote attackers to cause a denial of service (buffer underflow and application crash) via a crafted packet that triggers the attempted processing of an empty line.
7.5
High
CVE-2017-6014 2017-02-17 06h45 +00:00 In Wireshark 2.2.4 and earlier, a crafted or malformed STANAG 4607 capture file will cause an infinite loop and memory exhaustion. If the packet size field in a packet header is null, the offset to read from will not advance, causing continuous attempts to read the same zero length packet. This will quickly exhaust all system memory.
7.5
High
CVE-2011-0024 2011-03-28 16h00 +00:00 Heap-based buffer overflow in wiretap/pcapng.c in Wireshark before 1.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted capture file.
9.3
CVE-2011-1143 2011-03-02 23h00 +00:00 epan/dissectors/packet-ntlmssp.c in the NTLMSSP dissector in Wireshark before 1.4.4 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted .pcap file.
4.3
CVE-2010-3133 2010-08-26 16h00 +00:00 Untrusted search path vulnerability in Wireshark 0.8.4 through 1.0.15 and 1.2.0 through 1.2.10 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse airpcap.dll, and possibly other DLLs, that is located in the same folder as a file that automatically launches Wireshark.
9.3
CVE-2009-3829 2009-10-30 19h05 +00:00 Integer overflow in wiretap/erf.c in Wireshark before 1.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted erf file, related to an "unsigned integer wrap vulnerability."
9.3
CVE-2009-1266 2009-04-21 13h00 +00:00 Unspecified vulnerability in Wireshark before 1.0.7 has unknown impact and attack vectors.
10
CVE-2009-1210 2009-04-01 08h00 +00:00 Format string vulnerability in the PROFINET/DCP (PN-DCP) dissector in Wireshark 1.0.6 and earlier allows remote attackers to execute arbitrary code via a PN-DCP packet with format string specifiers in the station name. NOTE: some of these details are obtained from third party information.
10
CVE-2008-5285 2008-12-01 14h00 +00:00 Wireshark 1.0.4 and earlier allows remote attackers to cause a denial of service via a long SMTP request, which triggers an infinite loop.
5
CVE-2008-3932 2008-09-04 17h00 +00:00 Wireshark (formerly Ethereal) 0.9.7 through 1.0.2 allows attackers to cause a denial of service (hang) via a crafted NCP packet that triggers an infinite loop.
5
CVE-2007-3390 2007-06-25 22h00 +00:00 Wireshark 0.99.5 and 0.10.x up to 0.10.14, when running on certain systems, allows remote attackers to cause a denial of service (crash) via crafted iSeries capture files that trigger a SIGTRAP.
5
CVE-2007-3392 2007-06-25 22h00 +00:00 Wireshark before 0.99.6 allows remote attackers to cause a denial of service via malformed (1) SSL or (2) MMS packets that trigger an infinite loop.
5
CVE-2007-3393 2007-06-25 22h00 +00:00 Off-by-one error in the DHCP/BOOTP dissector in Wireshark before 0.99.6 allows remote attackers to cause a denial of service (crash) via crafted DHCP-over-DOCSIS packets.
5
CVE-2006-4574 2006-10-27 22h00 +00:00 Off-by-one error in the MIME Multipart dissector in Wireshark (formerly Ethereal) 0.10.1 through 0.99.3 allows remote attackers to cause a denial of service (crash) via certain vectors that trigger an assertion error related to unexpected length values.
7.5
High