Published: 29/11/2018 Updated: 07/11/2023

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the IxVeriWave file parser could crash. This was addressed in wiretap/vwr.c by adjusting a buffer boundary.

Vulnerable Product	Search on Vulmon	Subscribe to Product
wireshark wireshark
debian debian linux 9.0

Multiple vulnerabilities have been discovered in Wireshark, a network protocol analyzer, which could result in denial of service or the execution of arbitrary code For the stable distribution (stretch), these problems have been fixed in version 265-1~deb9u1 We recommend that you upgrade your wireshark packages For the detailed security status ...

An out of bounds heap read vulnerability in the wiretap library of Wireshark could allow Wireshark to crash when parsing specially crafted pcap file ...

An out-of-bounds read has been found in the IxVeriWave file parser of Wireshark versions prior to 265, which could be triggered by injecting a malformed packet onto the wire or by convincing someone to read a malformed packet trace file ...

CWE-125 https://www.wireshark.org/security/wnpa-sec-2018-55.html https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15279 http://www.securityfocus.com/bid/106051 https://www.exploit-db.com/exploits/45951/https://www.debian.org/security/2018/dsa-4359 http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00027.html https://www.oracle.com/security-alerts/cpuapr2020.html https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=bdc33cfaecb1b4cf2c114ed9015713ddf8569a60 https://nvd.nist.gov https://www.debian.org/security/./dsa-4359 https://access.redhat.com/security/cve/cve-2018-19627

CVE-2018-19627

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect