Product:

Solaris

(Oracle)
Date Id Summary Products Score Patch Annotated
2015-01-10 CVE-2015-0564 Buffer underflow in the ssl_decrypt_record function in epan/dissectors/packet-ssl-utils.c in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 allows remote attackers to cause a denial of service (application crash) via a crafted packet that is improperly handled during decryption of an SSL session. Debian_linux, Opensuse, Linux, Solaris, Wireshark N/A
2015-03-08 CVE-2015-2188 epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 does not properly initialize a data structure, which allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted packet that is improperly handled during decompression. Debian_linux, Mageia, Opensuse, Linux, Solaris, Wireshark N/A
2015-03-08 CVE-2015-2189 Off-by-one error in the pcapng_read function in wiretap/pcapng.c in the pcapng file parser in Wireshark 1.10.x before 1.10.13 and 1.12.x before 1.12.4 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via an invalid Interface Statistics Block (ISB) interface ID in a crafted packet. Debian_linux, Mageia, Opensuse, Linux, Solaris, Wireshark N/A
2015-03-08 CVE-2015-2190 epan/proto.c in Wireshark 1.12.x before 1.12.4 does not properly handle integer data types greater than 32 bits in size, which allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted packet that is improperly handled by the LLDP dissector. Opensuse, Solaris, Wireshark N/A
2015-03-30 CVE-2015-1351 Use-after-free vulnerability in the _zend_shared_memdup function in zend_shared_alloc.c in the OPcache extension in PHP through 5.6.7 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. Mac_os_x, Linux, Secure_backup, Solaris, Php N/A
2015-05-08 CVE-2015-3294 The tcp_request function in Dnsmasq before 2.73rc4 does not properly handle the return value of the setup_reply function, which allows remote attackers to read process memory and cause a denial of service (out-of-bounds read and crash) via a malformed DNS request. Solaris, Dnsmasq N/A
2016-07-05 CVE-2016-4955 ntpd in NTP 4.x before 4.2.8p8, when autokey is enabled, allows remote attackers to cause a denial of service (peer-variable clearing and association outage) by sending (1) a spoofed crypto-NAK packet or (2) a packet with an incorrect MAC value at a certain time. Suse_manager, Ntp, Leap, Opensuse, Solaris, Simatic_net_cp_443\-1_opc_ua_firmware, Linux_enterprise_desktop, Linux_enterprise_server, Manager_proxy, Openstack_cloud 5.9
2015-05-26 CVE-2015-3811 epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 improperly refers to previously processed bytes, which allows remote attackers to cause a denial of service (application crash) via a crafted packet, a different vulnerability than CVE-2015-2188. Linux, Solaris, Wireshark N/A
2015-05-26 CVE-2015-3812 Multiple memory leaks in the x11_init_protocol function in epan/dissectors/packet-x11.c in the X11 dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 allow remote attackers to cause a denial of service (memory consumption) via a crafted packet. Linux, Solaris, Wireshark N/A
2015-05-26 CVE-2015-3814 The (1) dissect_tfs_request and (2) dissect_tfs_response functions in epan/dissectors/packet-ieee80211.c in the IEEE 802.11 dissector in Wireshark 1.10.x before 1.10.14 and 1.12.x before 1.12.5 interpret a zero value as a length rather than an error condition, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet. Solaris, Wireshark N/A