Published: 07/06/2023 Updated: 20/10/2023

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

VMScore: 0

Due to failure in validating the length provided by an attacker-crafted MSMMS packet, Wireshark version 4.0.5 and prior, in an unusual configuration, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark

Vulnerable Product	Search on Vulmon	Subscribe to Product
wireshark wireshark

Due to failure in validating the length provided by an attacker-crafted MSMMS packet, Wireshark version 405 and prior, in an unusual configuration, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark (CVE-2023-0667) ...

CWE-787 https://gitlab.com/wireshark/wireshark/-/issues/19086 https://takeonme.org/cves/CVE-2023-0667.html https://security.gentoo.org/glsa/202309-02 https://nvd.nist.gov https://alas.aws.amazon.com/AL2/ALAS-2023-2113.html

CVE-2023-0667

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect