wireshark

Page content
  • Author: Miklos Vajna
  • Vulnerable: 1.6.2-1mores1
  • Unaffected: 1.6.3-1mores1

Multiple vulnerabilities have been reported in Wireshark, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system.

  1. An error related to an uninitialised variable within the CSN.1 dissector can be exploited to cause a crash.
  2. A NULL pointer dereference error within the Infiniband dissector can be exploited to cause a crash.
  3. An error within the ERF file parser can be exploited to cause a heap-based buffer overflow. Successful exploitation of this vulnerability may allow execution of arbitrary code.

CVEs: