Summary
| Detail | |||
|---|---|---|---|
| Vendor | Wireshark | First view | 2013-02-02 |
| Product | Wireshark | Last view | 2025-02-20 |
| Version | 1.8.4 | Type | Application |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:a:wireshark:wireshark | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 7.5 | 2025-02-20 | CVE-2025-1492 | Bundle Protocol and CBOR dissector crashes in Wireshark 4.4.0 to 4.4.3 and 4.2.0 to 4.2.10 allows denial of service via packet injection or crafted capture file |
| 5.5 | 2024-11-21 | CVE-2024-11596 | ECMP dissector crash in Wireshark 4.4.0 to 4.4.1 and 4.2.0 to 4.2.8 allows denial of service via packet injection or crafted capture file |
| 5.5 | 2024-11-21 | CVE-2024-11595 | FiveCo RAP dissector infinite loop in Wireshark 4.4.0 to 4.4.1 and 4.2.0 to 4.2.8 allows denial of service via packet injection or crafted capture file |
| 7.5 | 2024-10-10 | CVE-2024-9781 | AppleTalk and RELOAD Framing dissector crash in Wireshark 4.4.0 and 4.2.0 to 4.2.7 allows denial of service via packet injection or crafted capture file |
| 5.5 | 2024-09-10 | CVE-2024-8645 | SPRT dissector crash in Wireshark 4.2.0 to 4.0.5 and 4.0.0 to 4.0.15 allows denial of service via packet injection or crafted capture file |
| 5.5 | 2024-08-29 | CVE-2024-8250 | NTLMSSP dissector crash in Wireshark 4.2.0 to 4.0.6 and 4.0.0 to 4.0.16 allows denial of service via packet injection or crafted capture file |
| 7.5 | 2024-05-14 | CVE-2024-4854 | MONGO and ZigBee TLV dissector infinite loops in Wireshark 4.2.0 to 4.2.4, 4.0.0 to 4.0.14, and 3.6.0 to 3.6.22 allow denial of service via packet injection or crafted capture file |
| 7.8 | 2024-03-26 | CVE-2023-6175 | NetScreen file parser crash in Wireshark 4.0.0 to 4.0.10 and 3.6.0 to 3.6.18 allows denial of service via crafted capture file |
| 0 | 2024-02-21 | CVE-2024-24479 | A Buffer Overflow in Wireshark before 4.2.0 allows a remote attacker to cause a denial of service via the wsutil/to_str.c, and format_fractional_part_nsecs components. NOTE: this is disputed by the vendor because neither release 4.2.0 nor any other release was affected. |
| 0 | 2024-02-21 | CVE-2024-24478 | An issue in Wireshark before 4.2.0 allows a remote attacker to cause a denial of service via the packet-bgp.c, dissect_bgp_open(tvbuff_t*tvb, proto_tree*tree, packet_info*pinfo), optlen components. NOTE: this is disputed by the vendor because neither release 4.2.0 nor any other release was affected. |
| 0 | 2024-02-21 | CVE-2024-24476 | A buffer overflow in Wireshark before 4.2.0 allows a remote attacker to cause a denial of service via the pan/addr_resolv.c, and ws_manuf_lookup_str(), size components. NOTE: this is disputed by the vendor because neither release 4.2.0 nor any other release was affected. |
| 7.5 | 2024-01-03 | CVE-2024-0209 | IEEE 1609.2 dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packet injection or crafted capture file |
| 7.5 | 2024-01-03 | CVE-2024-0208 | GVCP dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packet injection or crafted capture file |
| 6.5 | 2023-11-16 | CVE-2023-6174 | SSH dissector crash in Wireshark 4.0.0 to 4.0.10 allows denial of service via packet injection or crafted capture file |
| 6.5 | 2023-10-04 | CVE-2023-5371 | RTPS dissector memory leak in Wireshark 4.0.0 to 4.0.8 and 3.6.0 to 3.6.16 allows denial of service via packet injection or crafted capture file |
| 6.5 | 2023-08-25 | CVE-2023-2906 | Due to a failure in validating the length provided by an attacker-crafted CP2179 packet, Wireshark versions 2.0.0 through 4.0.7 is susceptible to a divide by zero allowing for a denial of service attack. |
| 7.5 | 2023-08-24 | CVE-2023-4513 | BT SDP dissector memory leak in Wireshark 4.0.0 to 4.0.7 and 3.6.0 to 3.6.15 allows denial of service via packet injection or crafted capture file |
| 7.5 | 2023-08-24 | CVE-2023-4512 | CBOR dissector crash in Wireshark 4.0.0 to 4.0.6 allows denial of service via packet injection or crafted capture file |
| 7.5 | 2023-08-24 | CVE-2023-4511 | BT SDP dissector infinite loop in Wireshark 4.0.0 to 4.0.7 and 3.6.0 to 3.6.15 allows denial of service via packet injection or crafted capture file |
| 5.5 | 2023-07-14 | CVE-2023-3649 | iSCSI dissector crash in Wireshark 4.0.0 to 4.0.6 allows denial of service via packet injection or crafted capture file |
| 5.5 | 2023-07-14 | CVE-2023-3648 | Kafka dissector crash in Wireshark 4.0.0 to 4.0.6 and 3.6.0 to 3.6.14 allows denial of service via packet injection or crafted capture file |
| 6.5 | 2023-06-07 | CVE-2023-0668 | Due to failure in validating the length provided by an attacker-crafted IEEE-C37.118 packet, Wireshark version 4.0.5 and prior, by default, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark. |
| 6.5 | 2023-06-07 | CVE-2023-0667 | Due to failure in validating the length provided by an attacker-crafted MSMMS packet, Wireshark version 4.0.5 and prior, in an unusual configuration, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark |
| 6.5 | 2023-06-07 | CVE-2023-0666 | Due to failure in validating the length provided by an attacker-crafted RTPS packet, Wireshark version 4.0.5 and prior, by default, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark. |
| 6.5 | 2023-05-30 | CVE-2023-2952 | XRA dissector infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via packet injection or crafted capture file |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 21% (45) | CWE-20 | Improper Input Validation |
| 10% (22) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 9% (20) | CWE-476 | NULL Pointer Dereference |
| 9% (19) | CWE-125 | Out-of-bounds Read |
| 7% (15) | CWE-787 | Out-of-bounds Write |
| 6% (14) | CWE-189 | Numeric Errors |
| 5% (11) | CWE-772 | Missing Release of Resource after Effective Lifetime |
| 2% (6) | CWE-674 | Uncontrolled Recursion |
| 2% (6) | CWE-404 | Improper Resource Shutdown or Release |
| 2% (6) | CWE-399 | Resource Management Errors |
| 2% (5) | CWE-770 | Allocation of Resources Without Limits or Throttling |
| 2% (5) | CWE-401 | Failure to Release Memory Before Removing Last Reference ('Memory L... |
| 1% (4) | CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflo... |
| 1% (3) | CWE-416 | Use After Free |
| 1% (3) | CWE-400 | Uncontrolled Resource Consumption ('Resource Exhaustion') |
| 1% (3) | CWE-369 | Divide By Zero |
| 1% (3) | CWE-193 | Off-by-one Error |
| 1% (3) | CWE-134 | Uncontrolled Format String |
| 0% (2) | CWE-682 | Incorrect Calculation |
| 0% (2) | CWE-665 | Improper Initialization |
| 0% (2) | CWE-190 | Integer Overflow or Wraparound |
| 0% (2) | CWE-74 | Failure to Sanitize Data into a Different Plane ('Injection') |
| 0% (1) | CWE-763 | Release of Invalid Pointer or Reference |
| 0% (1) | CWE-617 | Reachable Assertion |
| 0% (1) | CWE-415 | Double Free |
ExploitDB Exploits
| id | Description |
|---|---|
| 33069 | Wireshark <= 1.8.12/1.10.5 wiretap/mpeg.c Stack Buffer Overflow |
Information Assurance Vulnerability Management (IAVM)
| id | Description |
|---|---|
| 2014-B-0029 | Multiple Vulnerabilities in Wireshark Severity: Category I - VMSKEY: V0047365 |
| 2013-B-0123 | Wireshark Denial of Service Vulnerabilities Severity: Category I - VMSKEY: V0041645 |
| 2013-B-0105 | Multiple Vulnerabilities in Wireshark Severity: Category I - VMSKEY: V0040375 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2014-11-16 | Wireshark MPEG dissector stack buffer overflow attempt RuleID : 31987 - Type : FILE-OTHER - Revision : 3 |
| 2014-11-16 | Wireshark MPEG dissector stack buffer overflow attempt RuleID : 31986 - Type : FILE-OTHER - Revision : 3 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2019-01-16 | Name: The remote Debian host is missing a security update. File: debian_DLA-1634.nasl - Type: ACT_GATHER_INFO |
| 2019-01-11 | Name: An application installed on the remote MacOS / MacOSX host is affected by mul... File: macosx_wireshark_2_4_12.nasl - Type: ACT_GATHER_INFO |
| 2019-01-11 | Name: An application installed on the remote MacOS / MacOSX host is affected by mul... File: macosx_wireshark_2_6_6.nasl - Type: ACT_GATHER_INFO |
| 2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-1b6cb1df72.nasl - Type: ACT_GATHER_INFO |
| 2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-3dfee621af.nasl - Type: ACT_GATHER_INFO |
| 2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-89413a04e0.nasl - Type: ACT_GATHER_INFO |
| 2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-b7a58187ba.nasl - Type: ACT_GATHER_INFO |
| 2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-bfdad62cd6.nasl - Type: ACT_GATHER_INFO |
| 2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-cb410a3812.nasl - Type: ACT_GATHER_INFO |
| 2019-01-03 | Name: The remote Fedora host is missing a security update. File: fedora_2018-d56c428f9e.nasl - Type: ACT_GATHER_INFO |
| 2018-12-28 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-4359.nasl - Type: ACT_GATHER_INFO |
| 2018-12-05 | Name: An application installed on the remote MacOS / MacOSX host is affected by mul... File: macosx_wireshark_2_4_11.nasl - Type: ACT_GATHER_INFO |
| 2018-12-05 | Name: An application installed on the remote MacOS / MacOSX host is affected by mul... File: macosx_wireshark_2_6_5.nasl - Type: ACT_GATHER_INFO |
| 2018-11-02 | Name: The remote device is missing a vendor-supplied security patch. File: f5_bigip_SOL34035645.nasl - Type: ACT_GATHER_INFO |
| 2018-10-15 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-4315.nasl - Type: ACT_GATHER_INFO |
| 2018-08-02 | Name: The remote Fedora host is missing a security update. File: fedora_2018-9ef52861b5.nasl - Type: ACT_GATHER_INFO |
| 2018-07-30 | Name: The remote Debian host is missing a security update. File: debian_DLA-1451.nasl - Type: ACT_GATHER_INFO |
| 2018-06-06 | Name: The remote Fedora host is missing a security update. File: fedora_2018-d1cfa444d2.nasl - Type: ACT_GATHER_INFO |
| 2018-06-05 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-4217.nasl - Type: ACT_GATHER_INFO |
| 2018-05-31 | Name: An application installed on the remote MacOS / MacOSX host is affected by mul... File: macosx_wireshark_2_6_1.nasl - Type: ACT_GATHER_INFO |
| 2018-05-29 | Name: The remote Debian host is missing a security update. File: debian_DLA-1388.nasl - Type: ACT_GATHER_INFO |
| 2018-04-19 | Name: The remote Debian host is missing a security update. File: debian_DLA-1353.nasl - Type: ACT_GATHER_INFO |
| 2018-04-06 | Name: An application installed on the remote MacOS / MacOSX host is affected by mul... File: macos_wireshark_2_4_6.nasl - Type: ACT_GATHER_INFO |
| 2018-03-28 | Name: The remote Fedora host is missing a security update. File: fedora_2018-cdf3f8e8b0.nasl - Type: ACT_GATHER_INFO |
| 2018-03-05 | Name: The remote FreeBSD host is missing one or more security-related updates. File: freebsd_pkg_c5ab620f45764ad5b51f93e4fec9cd0e.nasl - Type: ACT_GATHER_INFO |
