Published: 07/06/2023 Updated: 20/10/2023

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

VMScore: 0

Due to failure in validating the length provided by an attacker-crafted RTPS packet, Wireshark version 4.0.5 and prior, by default, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark.

Vulnerable Product	Search on Vulmon	Subscribe to Product
wireshark wireshark
debian debian linux 12.0

Synopsis Moderate: wireshark security update Type/Severity Security Advisory: Moderate Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update for wireshark is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having ...

Multiple vulnerabilities have been discocvered in Wireshark, a network protocol analyzer which could result in denial of service or the execution of arbitrary code For the stable distribution (bookworm), these problems have been fixed in version 406-1~deb12u1 We recommend that you upgrade your wireshark packages For the detailed security statu ...

CWE-787 https://takeonme.org/cves/CVE-2023-0666.html https://www.wireshark.org/security/wnpa-sec-2023-18.html https://gitlab.com/wireshark/wireshark/-/issues/19085 https://www.wireshark.org/docs/relnotes/wireshark-4.0.6.html https://www.debian.org/security/2023/dsa-5429 https://security.gentoo.org/glsa/202309-02 https://access.redhat.com/errata/RHSA-2023:7015 https://nvd.nist.gov https://www.debian.org/security/2023/dsa-5429

CVE-2023-0666

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect