Published: 26/05/2023 Updated: 20/10/2023

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

VMScore: 0

BLF file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file

Vulnerable Product	Search on Vulmon	Subscribe to Product
wireshark wireshark
debian debian linux 12.0

Multiple vulnerabilities have been discocvered in Wireshark, a network protocol analyzer which could result in denial of service or the execution of arbitrary code For the stable distribution (bookworm), these problems have been fixed in version 406-1~deb12u1 We recommend that you upgrade your wireshark packages For the detailed security statu ...

DescriptionA flaw was found in the BLF file parser of Wireshark This issue occurs when decoding malformed packets from a pcap file or from the network, causing a buffer overflow, resulting in a denial of serviceA flaw was found in the BLF file parser of Wireshark This issue occurs when decoding malformed packets from a pcap file or from t ...

CWE-787 https://gitlab.com/wireshark/wireshark/-/issues/19063 https://www.wireshark.org/security/wnpa-sec-2023-13.html https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-2857.json https://www.debian.org/security/2023/dsa-5429 https://security.gentoo.org/glsa/202309-02 https://nvd.nist.gov https://www.debian.org/security/2023/dsa-5429

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2023-2857

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect