Published: 07/06/2023 Updated: 20/10/2023

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

VMScore: 0

Due to failure in validating the length provided by an attacker-crafted IEEE-C37.118 packet, Wireshark version 4.0.5 and prior, by default, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark.

Vulnerable Product	Search on Vulmon	Subscribe to Product
wireshark wireshark
debian debian linux 12.0

Multiple vulnerabilities have been discocvered in Wireshark, a network protocol analyzer which could result in denial of service or the execution of arbitrary code For the stable distribution (bookworm), these problems have been fixed in version 406-1~deb12u1 We recommend that you upgrade your wireshark packages For the detailed security statu ...

DescriptionA flaw was found in the IEEE C37118 Synchrophasor dissector of Wireshark This issue occurs when decoding malformed packets from a pcap file or from the network, causing a buffer overflow, resulting in a denial of serviceA flaw was found in the IEEE C37118 Synchrophasor dissector of Wireshark This issue occurs when decoding ma ...

CWE-787 https://takeonme.org/cves/CVE-2023-0668.html https://gitlab.com/wireshark/wireshark/-/issues/19087 https://www.wireshark.org/security/wnpa-sec-2023-19.html https://www.wireshark.org/docs/relnotes/wireshark-4.0.6.html https://www.debian.org/security/2023/dsa-5429 https://security.gentoo.org/glsa/202309-02 https://nvd.nist.gov https://www.debian.org/security/2023/dsa-5429

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2023-0668

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect