vulnerability
Wireshark : CVE-2017-7704 : DOF dissector infinite loop
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
8 | (AV:N/AC:L/Au:N/C:N/I:N/A:C) | Apr 12, 2017 | Oct 4, 2017 | Nov 27, 2024 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:C)
Published
Apr 12, 2017
Added
Oct 4, 2017
Modified
Nov 27, 2024
Description
In Wireshark 2.2.0 to 2.2.5, the DOF dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-dof.c by using a different integer data type and adjusting a return value.
Solution
wireshark-upgrade-2_2_6

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.