CVE-2023-6175 — Classic Buffer Overflow in Foundation Wireshark

Severity

7.8HIGHNVD

EPSS

0.0%

top 86.23%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedMar 26

Description

NetScreen file parser crash in Wireshark 4.0.0 to 4.0.10 and 3.6.0 to 3.6.18 allows denial of service via crafted capture file

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

▶Debianwireshark/wireshark< 3.4.16-0+deb11u1+3

▶NVDwireshark/wireshark3.6.0 — 3.6.18+1

OSV

CVE-2023-6175: NetScreen file parser crash in Wireshark 4↗2024-03-26

▶

CVEList

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') in Wireshark↗2024-03-26

▶

GHSA

GHSA-r8r7-4wvf-px33: NetScreen file parser crash in Wireshark 4↗2024-03-26

▶

Microsoft

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') in Wireshark↗2024-03-12

▶

Red Hat

wireshark: NetScreen File Parsing Heap-based Buffer Overflow↗2023-11-15

▶

Debian

CVE-2023-6175: wireshark - NetScreen file parser crash in Wireshark 4.0.0 to 4.0.10 and 3.6.0 to 3.6.18 all...↗2023

▶