Published: 12/04/2017 Updated: 07/11/2023

CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 694

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

In Wireshark 2.2.0 to 2.2.5, the DOF dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-dof.c by using a different integer data type and adjusting a return value.

Vulnerable Product	Search on Vulmon	Subscribe to Product
wireshark wireshark 2.2.0
wireshark wireshark 2.2.2
wireshark wireshark 2.2.1
wireshark wireshark 2.2.4
wireshark wireshark 2.2.5
wireshark wireshark 2.2.3

In Wireshark 220 to 225, the DOF dissector could go into an infinite loop, triggered by packet injection or a malformed capture file This was addressed in epan/dissectors/packet-dofc by using a different integer data type and adjusting a return value ...

CWE-835 https://www.wireshark.org/security/wnpa-sec-2017-17.html https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13453 http://www.securityfocus.com/bid/97634 https://security.gentoo.org/glsa/201706-12 http://www.securitytracker.com/id/1038262 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=6032b0fe5fc1176ab77e03e20765f95fbd21b19e https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=da53a90b6895e47e03c5de05edf84bd99d535fd8 https://nvd.nist.gov https://access.redhat.com/security/cve/cve-2017-7704

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2017-7704

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect