In Wireshark up to and including 2.0.13 and 2.2.x up to and including 2.2.7, the openSAFETY dissector could crash or exhaust system memory. This was addressed in epan/dissectors/packet-opensafety.c by adding length validation. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-9350.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
wireshark wireshark 2.0.0 |
||
wireshark wireshark 2.0.4 |
||
wireshark wireshark 2.0.9 |
||
wireshark wireshark 2.0.12 |
||
wireshark wireshark 2.0.1 |
||
wireshark wireshark 2.0.11 |
||
wireshark wireshark 2.0.7 |
||
wireshark wireshark 2.0.2 |
||
wireshark wireshark 2.0.8 |
||
wireshark wireshark 2.0.3 |
||
wireshark wireshark 2.0.6 |
||
wireshark wireshark 2.0.10 |
||
wireshark wireshark 2.0.13 |
||
wireshark wireshark 2.0.5 |
||
wireshark wireshark 2.2.6 |
||
wireshark wireshark 2.2.0 |
||
wireshark wireshark 2.2.2 |
||
wireshark wireshark 2.2.1 |
||
wireshark wireshark 2.2.4 |
||
wireshark wireshark 2.2.5 |
||
wireshark wireshark 2.2.7 |
||
wireshark wireshark 2.2.3 |