Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2017-11410

Опубликовано: 18 июл. 2017
Источник: ubuntu
Приоритет: medium
CVSS2: 7.8
CVSS3: 7.5

Описание

In Wireshark through 2.0.13 and 2.2.x through 2.2.7, the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wbxml.c by adding validation of the relationships between indexes and lengths. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-7702.

РелизСтатусПримечание
artful

ignored

end of life
bionic

released

2.6.3-1~ubuntu18.04.1
devel

not-affected

2.6.3-1
esm-apps/bionic

released

2.6.3-1~ubuntu18.04.1
esm-apps/xenial

released

2.6.3-1~ubuntu16.04.1
esm-infra-legacy/trusty

released

2.6.3-1~ubuntu14.04.1
precise/esm

DNE

trusty

released

2.6.3-1~ubuntu14.04.1
trusty/esm

released

2.6.3-1~ubuntu14.04.1
upstream

released

2.2.8, 2.0.14

Показывать по

Ссылки на источники

7.8 High

CVSS2

7.5 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2017-11410

CVSS3: 5.9
redhat
почти 9 лет назад

In Wireshark through 2.0.13 and 2.2.x through 2.2.7, the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wbxml.c by adding validation of the relationships between indexes and lengths. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-7702.

nvd логотип

CVE-2017-11410

CVSS3: 7.5
nvd
больше 8 лет назад

In Wireshark through 2.0.13 and 2.2.x through 2.2.7, the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wbxml.c by adding validation of the relationships between indexes and lengths. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-7702.

debian логотип

CVE-2017-11410

CVSS3: 7.5
debian
больше 8 лет назад

In Wireshark through 2.0.13 and 2.2.x through 2.2.7, the WBXML dissect ...

github логотип

GHSA-x5hh-chcp-7jv5

CVSS3: 7.5
github
больше 3 лет назад

In Wireshark through 2.0.13 and 2.2.x through 2.2.7, the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wbxml.c by adding validation of the relationships between indexes and lengths. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-7702.

suse-cvrf логотип

SUSE-SU-2017:2033-1

suse-cvrf
больше 8 лет назад

Security update for wireshark

7.8 High

CVSS2

7.5 High

CVSS3