CVE-2017-11410
- EPSS 1.3%
- Veröffentlicht 18.07.2017 21:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
In Wireshark through 2.0.13 and 2.2.x through 2.2.7, the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wbxml.c by adding validation of the relat...
CVE-2017-11411
- EPSS 1.3%
- Veröffentlicht 18.07.2017 21:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
In Wireshark through 2.0.13 and 2.2.x through 2.2.7, the openSAFETY dissector could crash or exhaust system memory. This was addressed in epan/dissectors/packet-opensafety.c by adding length validation. NOTE: this vulnerability exists because of an i...
CVE-2017-9766
- EPSS 3.82%
- Veröffentlicht 21.06.2017 07:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
In Wireshark 2.2.7, PROFINET IO data with a high recursion depth allows remote attackers to cause a denial of service (stack exhaustion) in the dissect_IODWriteReq function in plugins/profinet/packet-dcerpc-pn-io.c.
CVE-2017-9616
- EPSS 1.03%
- Veröffentlicht 14.06.2017 20:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
In Wireshark 2.2.7, overly deep mp4 chunks may cause stack exhaustion (uncontrolled recursion) in the dissect_mp4_box function in epan/dissectors/file-mp4.c.
CVE-2017-9617
- EPSS 1.03%
- Veröffentlicht 14.06.2017 20:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
In Wireshark 2.2.7, deeply nested DAAP data may cause stack exhaustion (uncontrolled recursion) in the dissect_daap_one_tag function in epan/dissectors/packet-daap.c in the DAAP dissector.
CVE-2017-9343
- EPSS 3.14%
- Veröffentlicht 02.06.2017 05:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the MSNIP dissector misuses a NULL pointer. This was addressed in epan/dissectors/packet-msnip.c by validating an IPv4 address.
CVE-2017-9344
- EPSS 2.72%
- Veröffentlicht 02.06.2017 05:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the Bluetooth L2CAP dissector could divide by zero. This was addressed in epan/dissectors/packet-btl2cap.c by validating an interval value.
CVE-2017-9345
- EPSS 3.05%
- Veröffentlicht 02.06.2017 05:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DNS dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-dns.c by trying to detect self-referencing pointers.
CVE-2017-9346
- EPSS 3.44%
- Veröffentlicht 02.06.2017 05:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the SoulSeek dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-slsk.c by making loop bounds more explicit.
CVE-2017-9347
- EPSS 14.21%
- Veröffentlicht 02.06.2017 05:29:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
In Wireshark 2.2.0 to 2.2.6, the ROS dissector could crash with a NULL pointer dereference. This was addressed in epan/dissectors/asn1/ros/packet-ros-template.c by validating an OID.