vulnerability
Oracle Solaris 11: CVE-2017-11410: Vulnerability in Wireshark
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:N/I:N/A:C) | Jul 18, 2017 | Sep 19, 2017 | Feb 1, 2022 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published
Jul 18, 2017
Added
Sep 19, 2017
Modified
Feb 1, 2022
Description
In Wireshark through 2.0.13 and 2.2.x through 2.2.7, the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wbxml.c by adding validation of the relationships between indexes and lengths. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-7702.
Solutions
oracle-solaris-11-3-upgrade-diagnostic-wireshark-2-2-8-0-175-3-24-0-1-0oracle-solaris-11-3-upgrade-diagnostic-wireshark-tshark-2-2-8-0-175-3-24-0-1-0oracle-solaris-11-3-upgrade-diagnostic-wireshark-wireshark-common-2-2-8-0-175-3-24-0-1-0
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.