1.6.13 * * * : Security Vulnerabilities

Cpe Name:cpe:2.3:a:wireshark:wireshark:1.6.13:*:*:*:*:*:*:*

CVSS Scores Greater Than: 0 1 2 3 4 5 6 7 8 9

Sort Results By : CVE Number Descending CVE Number Ascending CVSS Score Descending Number Of Exploits Descending

#	CVE ID	CWE ID	# of Exploits	Vulnerability Type(s)	Publish Date	Update Date	Score	Gained Access Level	Access	Complexity	Authentication	Conf.	Integ.	Avail.
1	CVE-2013-4083	20		DoS	2013-06-09	2017-09-19	5.0	None	Remote	Low	Not required	None	None	Partial
The dissect_pft function in epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.6.x before 1.6.16, 1.8.x before 1.8.8, and 1.10.0 does not validate a certain fragment length value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
2	CVE-2013-4081	119		DoS Overflow	2013-06-09	2018-10-30	5.0	None	Remote	Low	Not required	None	None	Partial
The http_payload_subdissector function in epan/dissectors/packet-http.c in the HTTP dissector in Wireshark 1.6.x before 1.6.16 and 1.8.x before 1.8.8 does not properly determine when to use a recursive approach, which allows remote attackers to cause a denial of service (stack consumption) via a crafted packet.
3	CVE-2013-4074	189	1	DoS	2013-06-09	2018-10-30	5.0	None	Remote	Low	Not required	None	None	Partial
The dissect_capwap_data function in epan/dissectors/packet-capwap.c in the CAPWAP dissector in Wireshark 1.6.x before 1.6.16 and 1.8.x before 1.8.8 incorrectly uses a -1 data value to represent an error condition, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
4	CVE-2013-3557	119		DoS Overflow	2013-05-25	2018-10-30	5.0	None	Remote	Low	Not required	None	None	Partial
The dissect_ber_choice function in epan/dissectors/packet-ber.c in the ASN.1 BER dissector in Wireshark 1.6.x before 1.6.15 and 1.8.x before 1.8.7 does not properly initialize a certain variable, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.
5	CVE-2013-3556	20		DoS	2013-05-25	2018-10-30	5.0	None	Remote	Low	Not required	None	None	Partial
The fragment_add_seq_common function in epan/reassemble.c in the ASN.1 BER dissector in Wireshark before r48943 has an incorrect pointer dereference during a comparison, which allows remote attackers to cause a denial of service (application crash) via a malformed packet.
6	CVE-2013-2488	20		DoS	2013-03-07	2018-10-30	5.0	None	Remote	Low	Not required	None	None	Partial
The DTLS dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 does not validate the fragment offset before invoking the reassembly state machine, which allows remote attackers to cause a denial of service (application crash) via a large offset value that triggers write access to an invalid memory location.
7	CVE-2013-2485			DoS	2013-03-07	2018-10-30	6.1	None	Local Network	Low	Not required	None	None	Complete
The FCSP dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.
8	CVE-2013-2484			DoS	2013-03-07	2018-10-30	3.3	None	Local Network	Low	Not required	None	None	Partial
The CIMD dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (application crash) via a malformed packet.
9	CVE-2013-2483	189		DoS	2013-03-07	2018-10-30	3.3	None	Local Network	Low	Not required	None	None	Partial
The acn_add_dmp_data function in epan/dissectors/packet-acn.c in the ACN dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via an invalid count value in ACN_DMP_ADT_D_RE DMP data.
10	CVE-2013-2482			DoS	2013-03-07	2018-10-30	6.1	None	Local Network	Low	Not required	None	None	Complete
The AMPQ dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.
11	CVE-2013-2481	189		DoS	2013-03-07	2018-10-30	2.9	None	Local Network	Medium	Not required	None	None	Partial
Integer signedness error in the dissect_mount_dirpath_call function in epan/dissectors/packet-mount.c in the Mount dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6, when nfs_file_name_snooping is enabled, allows remote attackers to cause a denial of service (application crash) via a negative length value.
12	CVE-2013-2480			DoS	2013-03-07	2018-10-30	3.3	None	Local Network	Low	Not required	None	None	Partial
The RTPS and RTPS2 dissectors in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allow remote attackers to cause a denial of service (application crash) via a malformed packet.
13	CVE-2013-2478	189		DoS Overflow	2013-03-07	2018-10-30	3.3	None	Local Network	Low	Not required	None	None	Partial
The dissect_server_info function in epan/dissectors/packet-ms-mms.c in the MS-MMS dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 does not properly manage string lengths, which allows remote attackers to cause a denial of service (application crash) via a malformed packet that (1) triggers an integer overflow or (2) has embedded '\0' characters in a string.

Total number of vulnerabilities : 13 Page : 1 (This Page)