CVE-2017-15192
- EPSS 2.43%
- Veröffentlicht 10.10.2017 21:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
In Wireshark 2.4.0 to 2.4.1 and 2.2.0 to 2.2.9, the BT ATT dissector could crash. This was addressed in epan/dissectors/packet-btatt.c by considering a case where not all of the BTATT packets have the same encapsulation level.
CVE-2017-15193
- EPSS 2.66%
- Veröffentlicht 10.10.2017 21:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
In Wireshark 2.4.0 to 2.4.1 and 2.2.0 to 2.2.9, the MBIM dissector could crash or exhaust system memory. This was addressed in epan/dissectors/packet-mbim.c by changing the memory-allocation approach.
CVE-2017-13764
- EPSS 1.25%
- Veröffentlicht 30.08.2017 09:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
In Wireshark 2.4.0, the Modbus dissector could crash with a NULL pointer dereference. This was addressed in epan/dissectors/packet-mbtcp.c by adding length validation.
CVE-2017-13765
- EPSS 2.79%
- Veröffentlicht 30.08.2017 09:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
In Wireshark 2.4.0, 2.2.0 to 2.2.8, and 2.0.0 to 2.0.14, the IrCOMM dissector has a buffer over-read and application crash. This was addressed in plugins/irda/packet-ircomm.c by adding length validation.
CVE-2017-13766
- EPSS 2.01%
- Veröffentlicht 30.08.2017 09:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
In Wireshark 2.4.0 and 2.2.0 to 2.2.8, the Profinet I/O dissector could crash with an out-of-bounds write. This was addressed in plugins/profinet/packet-dcerpc-pn-io.c by adding string validation.
CVE-2017-13767
- EPSS 1.99%
- Veröffentlicht 30.08.2017 09:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
In Wireshark 2.4.0, 2.2.0 to 2.2.8, and 2.0.0 to 2.0.14, the MSDP dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-msdp.c by adding length validation.
CVE-2017-11406
- EPSS 3.02%
- Veröffentlicht 18.07.2017 21:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the DOCSIS dissector could go into an infinite loop. This was addressed in plugins/docsis/packet-docsis.c by rejecting invalid Frame Control parameter values.
CVE-2017-11407
- EPSS 2.76%
- Veröffentlicht 18.07.2017 21:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the MQ dissector could crash. This was addressed in epan/dissectors/packet-mq.c by validating the fragment length before a reassembly attempt.
CVE-2017-11408
- EPSS 2.06%
- Veröffentlicht 18.07.2017 21:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the AMQP dissector could crash. This was addressed in epan/dissectors/packet-amqp.c by checking for successful list dissection.
CVE-2017-11409
- EPSS 2.26%
- Veröffentlicht 18.07.2017 21:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
In Wireshark 2.0.0 to 2.0.13, the GPRS LLC dissector could go into a large loop. This was addressed in epan/dissectors/packet-gprs-llc.c by using a different integer data type.