Total vulnerabilities in the database
The (1) dissect_tfs_request and (2) dissect_tfs_response functions in epan/dissectors/packet-ieee80211.c in the IEEE 802.11 dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 interpret a zero value as a length rather than an error condition, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.
Software | From | Fixed in |
---|---|---|
oracle / solaris | 11.2 | 11.2.x |
wireshark / wireshark | 1.12.4 | 1.12.4.x |
wireshark / wireshark | 1.10.8 | 1.10.8.x |
wireshark / wireshark | 1.12.0 | 1.12.0.x |
wireshark / wireshark | 1.10.6 | 1.10.6.x |
wireshark / wireshark | 1.10.9 | 1.10.9.x |
wireshark / wireshark | 1.10.13 | 1.10.13.x |
wireshark / wireshark | 1.10.12 | 1.10.12.x |
wireshark / wireshark | 1.10.10 | 1.10.10.x |
wireshark / wireshark | 1.10.0 | 1.10.0.x |
wireshark / wireshark | 1.12.2 | 1.12.2.x |
wireshark / wireshark | 1.10.3 | 1.10.3.x |
wireshark / wireshark | 1.10.2 | 1.10.2.x |
wireshark / wireshark | 1.10.1 | 1.10.1.x |
wireshark / wireshark | 1.12.1 | 1.12.1.x |
wireshark / wireshark | 1.10.7 | 1.10.7.x |
wireshark / wireshark | 1.10.4 | 1.10.4.x |
wireshark / wireshark | 1.10.14 | 1.10.14.x |
wireshark / wireshark | 1.12.3 | 1.12.3.x |
wireshark / wireshark | 1.10.5 | 1.10.5.x |
wireshark / wireshark | 1.10.11 | 1.10.11.x |