PT-2023-16439 · Wireshark+3 · Wireshark+3

Wanderingglitch

Publicado

2023-06-04

Atualizado

2025-01-06

CVE-2023-0667

CVSS v3.1

6.5

Média

Vetor

AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Wireshark versions 4.0.5 and prior

Description The issue arises from a failure to validate the length of an attacker-crafted MSMMS packet, leading to a heap-based buffer overflow. This could result in code execution within the context of the process running the affected software. The issue is particularly relevant in unusual configurations.

Recommendations For Wireshark versions 4.0.5 and prior, update to a version that addresses this issue to prevent potential heap-based buffer overflow and code execution. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Heap Based Buffer Overflow

Memory Corruption

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-122CWE-787

Identificadores relacionados

ALT-PU-2023-1938

ALT-PU-2023-1971

ALT-PU-2023-1976

ALT-PU-2023-5823

ALT-PU-2023-6556

AZL-27144

CVE-2023-0667

DLA-3906-1

DSA-5429-1

OESA-2023-1363

OESA-2023-1371

OESA-2023-1372

OESA-2023-1373

OESA-2023-1374

OPENSUSE-SU-2023_3252-1

OPENSUSE-SU-2024:13014-1

ROSA-SA-2024-2388

SUSE-SU-2023:3252-1

SUSE-SU-2023_3252-1

Produtos afetados

Alt Linux

Astra Linux

Suse

Wireshark

PT-2023-16439 · Wireshark+3 · Wireshark+3

CVE-2023-0667

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 48