Wireshark: >> Wireshark >> 2.2.12 Security Vulnerabilities
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-usb.c had an infinite loop that was addressed by rejecting short frame header lengths.
CVSS Score
7.5
EPSS Score
0.004
Published
2018-02-23
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-s7comm.c had an infinite loop that was addressed by correcting off-by-one errors.
CVSS Score
7.5
EPSS Score
0.004
Published
2018-02-23
The netmonrec_comment_destroy function in wiretap/netmon.c in Wireshark through 2.4.4 performs a free operation on an uninitialized memory address, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.
CVSS Score
9.8
EPSS Score
0.003
Published
2018-02-08
Page 7