Wireshark: >> Wireshark >> 2.4.3 Security Vulnerabilities
In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the IxVeriWave file parser could crash. This was addressed in wiretap/vwr.c by correcting the signature timestamp bounds checks.
CVSS Score
6.5
EPSS Score
0.009
Published
2018-01-11
In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the WCP dissector could crash. This was addressed in epan/dissectors/packet-wcp.c by validating the available buffer length.
CVSS Score
6.5
EPSS Score
0.009
Published
2018-01-11
In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the JSON, XML, NTP, XMPP, and GDB dissectors could crash. This was addressed in epan/tvbparse.c by limiting the recursion depth.
CVSS Score
7.5
EPSS Score
0.01
Published
2018-01-11
Page 10