Download
| Alert*
|
oval:org.secpod.oval:def:36089
The host is installed with Wireshark 1.12.x before 1.12.12 or 2.0.x before 2.0.4 and is prone to a denial of service vulnerability. A flaw is present in the CoSine file parser, which fails to handle a malformed packet. Successful exploitation allows remote attackers to cause Wireshark to crash. oval:org.secpod.oval:def:36099 The host is installed with Wireshark 1.12.x before 1.12.12 or 2.0.x before 2.0.4 and is prone to a denial of service vulnerability. A flaw is present in the CoSine file parser, which fails to handle a malformed packet. Successful exploitation allows remote attackers to cause Wireshark to crash. oval:org.secpod.oval:def:1800473 CVE-2016-5350: SPOOLS infinite loop. Affected versions: 2.0.0 to 2.0.3, 1.12.0 to 1.12.11 Fixed versions: 2.0.4, 1.12.12 oval:org.secpod.oval:def:1800595 CVE-2016-5350: SPOOLS infinite loop Affected versions: 2.0.0 to 2.0.3, 1.12.0 to 1.12.11 Fixed versions: 2.0.4, 1.12.12 oval:org.secpod.oval:def:89045384 This update to wireshark 1.12.13 fixes the following issues: - CVE-2016-6504: wireshark: NDS dissector crash - CVE-2016-6505: wireshark: PacketBB dissector could divide by zero - CVE-2016-6506: wireshark: WSP infinite loop - CVE-2016-6507: wireshark: MMSE infinite loop - CVE-2016-6508: wireshark ... oval:org.secpod.oval:def:602550 Multiple vulnerabilities were discovered in the dissectors/parsers for PKTC, IAX2, GSM CBCH and NCP, SPOOLS, IEEE 802.11, UMTS FP, USB, Toshiba, CoSine, NetScreen, WBXML which could result in denial of service or potentially the execution of arbitrary code. |
