Total
1224 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-6060 | 1 Wireshark | 1 Wireshark | 2017-09-19 | 5.0 MEDIUM | N/A |
| Integer overflow in the dissect_iscsi_pdu function in epan/dissectors/packet-iscsi.c in the iSCSI dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet. | |||||
| CVE-2012-6058 | 1 Wireshark | 1 Wireshark | 2017-09-19 | 5.0 MEDIUM | N/A |
| Integer overflow in the dissect_icmpv6 function in epan/dissectors/packet-icmpv6.c in the ICMPv6 dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted Number of Sources value. | |||||
| CVE-2012-6057 | 1 Wireshark | 1 Wireshark | 2017-09-19 | 5.0 MEDIUM | N/A |
| The dissect_eigrp_metric_comm function in epan/dissectors/packet-eigrp.c in the EIGRP dissector in Wireshark 1.8.x before 1.8.4 uses the wrong data type for a certain offset value, which allows remote attackers to cause a denial of service (integer overflow and infinite loop) via a malformed packet. | |||||
| CVE-2012-6056 | 1 Wireshark | 1 Wireshark | 2017-09-19 | 5.0 MEDIUM | N/A |
| Integer overflow in the dissect_sack_chunk function in epan/dissectors/packet-sctp.c in the SCTP dissector in Wireshark 1.8.x before 1.8.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted Duplicate TSN count. | |||||
| CVE-2012-6055 | 1 Wireshark | 1 Wireshark | 2017-09-19 | 5.0 MEDIUM | N/A |
| epan/dissectors/packet-3g-a11.c in the 3GPP2 A11 dissector in Wireshark 1.8.x before 1.8.4 allows remote attackers to cause a denial of service (infinite loop) via a zero value in a sub-type length field. | |||||
| CVE-2012-6054 | 1 Wireshark | 1 Wireshark | 2017-09-19 | 5.0 MEDIUM | N/A |
| The dissect_sflow_245_address_type function in epan/dissectors/packet-sflow.c in the sFlow dissector in Wireshark 1.8.x before 1.8.4 does not properly handle length calculations for an invalid IP address type, which allows remote attackers to cause a denial of service (infinite loop) via a packet that is neither IPv4 nor IPv6. | |||||
| CVE-2012-6053 | 1 Wireshark | 1 Wireshark | 2017-09-19 | 5.0 MEDIUM | N/A |
| epan/dissectors/packet-usb.c in the USB dissector in Wireshark 1.6.x before 1.6.12 and 1.8.x before 1.8.4 relies on a length field to calculate an offset value, which allows remote attackers to cause a denial of service (infinite loop) via a zero value for this field. | |||||
| CVE-2012-5855 | 1 Videolan | 1 Vlc Media Player | 2017-09-19 | 4.3 MEDIUM | N/A |
| The SHAddToRecentDocs function in VideoLAN VLC media player 2.0.4 and earlier might allow user-assisted attackers to cause a denial of service (crash) via a crafted file name that triggers an incorrect string-length calculation when the file is added to VLC. NOTE: it is not clear whether this issue crosses privilege boundaries or whether it can be exploited without user interaction. | |||||
| CVE-2012-5166 | 1 Isc | 1 Bind | 2017-09-19 | 7.8 HIGH | N/A |
| ISC BIND 9.x before 9.7.6-P4, 9.8.x before 9.8.3-P4, 9.9.x before 9.9.1-P4, and 9.4-ESV and 9.6-ESV before 9.6-ESV-R7-P4 allows remote attackers to cause a denial of service (named daemon hang) via unspecified combinations of resource records. | |||||
| CVE-2012-4298 | 2 Sun, Wireshark | 2 Sunos, Wireshark | 2017-09-19 | 5.4 MEDIUM | N/A |
| Integer signedness error in the vwr_read_rec_data_ethernet function in wiretap/vwr.c in the Ixia IxVeriWave file parser in Wireshark 1.8.x before 1.8.2 allows user-assisted remote attackers to execute arbitrary code via a crafted packet-trace file that triggers a buffer overflow. | |||||
| CVE-2012-4286 | 2 Sun, Wireshark | 2 Sunos, Wireshark | 2017-09-19 | 4.3 MEDIUM | N/A |
| The pcapng_read_packet_block function in wiretap/pcapng.c in the pcap-ng file parser in Wireshark 1.8.x before 1.8.2 allows user-assisted remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted pcap-ng file. | |||||
| CVE-2012-3969 | 1 Mozilla | 5 Firefox, Firefox Esr, Seamonkey and 2 more | 2017-09-19 | 9.3 HIGH | N/A |
| Integer overflow in the nsSVGFEMorphologyElement::Filter function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code via a crafted SVG filter that triggers an incorrect sum calculation, leading to a heap-based buffer overflow. | |||||
| CVE-2012-3826 | 1 Wireshark | 1 Wireshark | 2017-09-19 | 3.3 LOW | N/A |
| Multiple integer underflows in Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 allow remote attackers to cause a denial of service (loop) via vectors related to the R3 dissector, a different vulnerability than CVE-2012-2392. | |||||
| CVE-2012-3825 | 1 Wireshark | 1 Wireshark | 2017-09-19 | 3.3 LOW | N/A |
| Multiple integer overflows in Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 allow remote attackers to cause a denial of service (infinite loop) via vectors related to the (1) BACapp and (2) Bluetooth HCI dissectors, a different vulnerability than CVE-2012-2392. | |||||
| CVE-2012-0670 | 1 Apple | 1 Quicktime | 2017-09-19 | 9.3 HIGH | N/A |
| Integer overflow in Apple QuickTime before 7.7.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted sean atom in a movie file. | |||||
| CVE-2012-0667 | 2 Apple, Microsoft | 2 Quicktime, Windows | 2017-09-19 | 9.3 HIGH | N/A |
| Integer signedness error in Apple QuickTime before 7.7.2 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted QTVR movie file. | |||||
| CVE-2011-3834 | 1 Nullsoft | 1 Winamp | 2017-09-19 | 9.3 HIGH | N/A |
| Multiple integer overflows in the in_avi.dll plugin in Winamp before 5.623 allow remote attackers to execute arbitrary code via an AVI file with a crafted value for (1) the number of streams or (2) the size of the RIFF INFO chunk, leading to a heap-based buffer overflow. | |||||
| CVE-2011-3250 | 2 Apple, Microsoft | 4 Quicktime, Windows 7, Windows Vista and 1 more | 2017-09-19 | 9.3 HIGH | N/A |
| Integer overflow in Apple QuickTime before 7.7.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file with JPEG2000 encoding. | |||||
| CVE-2011-3248 | 2 Apple, Microsoft | 4 Quicktime, Windows 7, Windows Vista and 1 more | 2017-09-19 | 9.3 HIGH | N/A |
| Integer signedness error in Apple QuickTime before 7.7.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted font table in a QuickTime movie file. | |||||
| CVE-2011-3247 | 2 Apple, Microsoft | 4 Quicktime, Windows 7, Windows Vista and 1 more | 2017-09-19 | 9.3 HIGH | N/A |
| Integer overflow in Apple QuickTime before 7.7.1 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PICT file. | |||||