ALT-PU-2016-1901-1
Closed vulnerabilities
Modified: 2024-11-21
CVE-2016-6503
The CORBA IDL dissectors in Wireshark 2.x before 2.0.5 on 64-bit Windows platforms do not properly interact with Visual C++ compiler options, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
- [oss-security] 20160728 CVE request: Wireshark 2.0.5 and 1.12.13 security releases
- [oss-security] 20160728 CVE request: Wireshark 2.0.5 and 1.12.13 security releases
- 92162
- 92162
- 1036480
- 1036480
- http://www.wireshark.org/security/wnpa-sec-2016-39.html
- http://www.wireshark.org/security/wnpa-sec-2016-39.html
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12495
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12495
- https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=581a17af40b84ef0c9e7f41ed0795af345b61ce1
- https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=581a17af40b84ef0c9e7f41ed0795af345b61ce1
- 40196
- 40196
Modified: 2024-11-21
CVE-2016-6505
epan/dissectors/packet-packetbb.c in the PacketBB dissector in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted packet.
- [oss-security] 20160728 CVE request: Wireshark 2.0.5 and 1.12.13 security releases
- [oss-security] 20160728 CVE request: Wireshark 2.0.5 and 1.12.13 security releases
- DSA-3648
- DSA-3648
- 92163
- 92163
- 1036480
- 1036480
- http://www.wireshark.org/security/wnpa-sec-2016-41.html
- http://www.wireshark.org/security/wnpa-sec-2016-41.html
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12577
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12577
- https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=94e97e45cf614c7bb8fe90c23df52910246b2c95
- https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=94e97e45cf614c7bb8fe90c23df52910246b2c95
- 40197
- 40197
Modified: 2024-11-21
CVE-2016-6506
epan/dissectors/packet-wsp.c in the WSP dissector in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.
- [oss-security] 20160728 CVE request: Wireshark 2.0.5 and 1.12.13 security releases
- [oss-security] 20160728 CVE request: Wireshark 2.0.5 and 1.12.13 security releases
- DSA-3648
- DSA-3648
- 1036480
- 1036480
- http://www.wireshark.org/security/wnpa-sec-2016-42.html
- http://www.wireshark.org/security/wnpa-sec-2016-42.html
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12594
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12594
- https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=a9d5256890c9189c7461bfce6ed6edce5d861499
- https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=a9d5256890c9189c7461bfce6ed6edce5d861499
Modified: 2024-11-21
CVE-2016-6507
epan/dissectors/packet-mmse.c in the MMSE dissector in Wireshark 1.12.x before 1.12.13 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.
- [oss-security] 20160728 CVE request: Wireshark 2.0.5 and 1.12.13 security releases
- [oss-security] 20160728 CVE request: Wireshark 2.0.5 and 1.12.13 security releases
- DSA-3648
- DSA-3648
- 1036480
- 1036480
- http://www.wireshark.org/security/wnpa-sec-2016-43.html
- http://www.wireshark.org/security/wnpa-sec-2016-43.html
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12624
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12624
- https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=b5a10743258bd016c07ebf6479137fda3d172a0f
- https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=b5a10743258bd016c07ebf6479137fda3d172a0f
Modified: 2024-11-21
CVE-2016-6508
epan/dissectors/packet-rlc.c in the RLC dissector in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 uses an incorrect integer data type, which allows remote attackers to cause a denial of service (large loop) via a crafted packet.
- [oss-security] 20160728 CVE request: Wireshark 2.0.5 and 1.12.13 security releases
- [oss-security] 20160728 CVE request: Wireshark 2.0.5 and 1.12.13 security releases
- DSA-3648
- DSA-3648
- 1036480
- 1036480
- http://www.wireshark.org/security/wnpa-sec-2016-44.html
- http://www.wireshark.org/security/wnpa-sec-2016-44.html
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12660
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12660
- https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=6cf9616df68a4db7e436bb77392586ff9ad84feb
- https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=6cf9616df68a4db7e436bb77392586ff9ad84feb
Modified: 2024-11-21
CVE-2016-6509
epan/dissectors/packet-ldss.c in the LDSS dissector in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 mishandles conversations, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
- [oss-security] 20160728 CVE request: Wireshark 2.0.5 and 1.12.13 security releases
- [oss-security] 20160728 CVE request: Wireshark 2.0.5 and 1.12.13 security releases
- DSA-3648
- DSA-3648
- 1036480
- 1036480
- http://www.wireshark.org/security/wnpa-sec-2016-45.html
- http://www.wireshark.org/security/wnpa-sec-2016-45.html
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12662
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12662
- https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=5a469ddc893f7c1912d0e15cc73bd3011e6cc2fb
- https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=5a469ddc893f7c1912d0e15cc73bd3011e6cc2fb
Modified: 2024-11-21
CVE-2016-6510
Off-by-one error in epan/dissectors/packet-rlc.c in the RLC dissector in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet.
- [oss-security] 20160728 CVE request: Wireshark 2.0.5 and 1.12.13 security releases
- [oss-security] 20160728 CVE request: Wireshark 2.0.5 and 1.12.13 security releases
- DSA-3648
- DSA-3648
- 1036480
- 1036480
- http://www.wireshark.org/security/wnpa-sec-2016-46.html
- http://www.wireshark.org/security/wnpa-sec-2016-46.html
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12664
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12664
- https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=47a5fa850b388fcf4ea762073806f01b459820fe
- https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=47a5fa850b388fcf4ea762073806f01b459820fe
Modified: 2024-11-21
CVE-2016-6511
epan/proto.c in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 allows remote attackers to cause a denial of service (OpenFlow dissector large loop) via a crafted packet.
- [oss-security] 20160728 CVE request: Wireshark 2.0.5 and 1.12.13 security releases
- [oss-security] 20160728 CVE request: Wireshark 2.0.5 and 1.12.13 security releases
- DSA-3648
- DSA-3648
- 1036480
- 1036480
- http://www.wireshark.org/security/wnpa-sec-2016-47.html
- http://www.wireshark.org/security/wnpa-sec-2016-47.html
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12659
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12659
- https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=56706427f53cc64793870bf072c2c06248ae88f3
- https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=56706427f53cc64793870bf072c2c06248ae88f3
Modified: 2024-11-21
CVE-2016-6512
epan/dissectors/packet-wap.c in Wireshark 2.x before 2.0.5 omits an overflow check in the tvb_get_guintvar function, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet, related to the MMSE, WAP, WBXML, and WSP dissectors.
- [oss-security] 20160728 CVE request: Wireshark 2.0.5 and 1.12.13 security releases
- [oss-security] 20160728 CVE request: Wireshark 2.0.5 and 1.12.13 security releases
- 92174
- 92174
- 1036480
- 1036480
- http://www.wireshark.org/security/wnpa-sec-2016-48.html
- http://www.wireshark.org/security/wnpa-sec-2016-48.html
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12661
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12661
- https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=2193bea3212d74e2a907152055e27d409b59485e
- https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=2193bea3212d74e2a907152055e27d409b59485e
- 40195
- 40195
Modified: 2024-11-21
CVE-2016-6513
epan/dissectors/packet-wbxml.c in the WBXML dissector in Wireshark 2.x before 2.0.5 does not restrict the recursion depth, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
- [oss-security] 20160728 CVE request: Wireshark 2.0.5 and 1.12.13 security releases
- [oss-security] 20160728 CVE request: Wireshark 2.0.5 and 1.12.13 security releases
- 1036480
- 1036480
- http://www.wireshark.org/security/wnpa-sec-2016-49.html
- http://www.wireshark.org/security/wnpa-sec-2016-49.html
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12663
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12663
- https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=347f071f1b9180563c28b0f3d0627b91eb456c72
- https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=347f071f1b9180563c28b0f3d0627b91eb456c72