Download
| Alert*
|
oval:org.secpod.oval:def:36085
The host is installed with Wireshark 2.0.x before 2.0.4 and is prone to a denial of service vulnerability. A flaw is present in the IEEE 802.11 dissector, which fails to handle injection of a malformed packet onto the wire. Successful exploitation allows remote attackers to cause Wireshark to crash. oval:org.secpod.oval:def:36095 The host is installed with Wireshark 2.0.x before 2.0.4 and is prone to a denial of service vulnerability. A flaw is present in the IEEE 802.11 dissector, which fails to handle injection of a malformed packet onto the wire. Successful exploitation allows remote attackers to cause Wireshark to crash. oval:org.secpod.oval:def:1800473 CVE-2016-5350: SPOOLS infinite loop. Affected versions: 2.0.0 to 2.0.3, 1.12.0 to 1.12.11 Fixed versions: 2.0.4, 1.12.12 oval:org.secpod.oval:def:1800595 CVE-2016-5350: SPOOLS infinite loop Affected versions: 2.0.0 to 2.0.3, 1.12.0 to 1.12.11 Fixed versions: 2.0.4, 1.12.12 oval:org.secpod.oval:def:89045384 This update to wireshark 1.12.13 fixes the following issues: - CVE-2016-6504: wireshark: NDS dissector crash - CVE-2016-6505: wireshark: PacketBB dissector could divide by zero - CVE-2016-6506: wireshark: WSP infinite loop - CVE-2016-6507: wireshark: MMSE infinite loop - CVE-2016-6508: wireshark ... |
