Total vulnerabilities in the database
The dissect_zbee_secure function in epan/dissectors/packet-zbee-security.c in the ZigBee dissector in Wireshark 1.12.x before 1.12.7 improperly relies on length fields contained in packet data, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
| Software | From | Fixed in |
|---|---|---|
| wireshark / wireshark | 1.12.4 | 1.12.4.x |
| wireshark / wireshark | 1.12.5 | 1.12.5.x |
| wireshark / wireshark | 1.12.0 | 1.12.0.x |
| wireshark / wireshark | 1.12.2 | 1.12.2.x |
| wireshark / wireshark | 1.12.1 | 1.12.1.x |
| wireshark / wireshark | 1.12.6 | 1.12.6.x |
| wireshark / wireshark | 1.12.3 | 1.12.3.x |
| oracle / solaris | 11.3 | 11.3.x |
| oracle / linux | 7 | 7.x |