Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In Wireshark through 2.0.13 and 2.2.x through 2.2.7, the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wbxml.c by adding validation of the relationships between indexes and lengths. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-7702.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Wireshark WBXML解析器安全漏洞
Vulnerability Description
Wireshark(前称Ethereal)是Wireshark团队开发的一套网络数据包分析软件。该软件的功能是截取网络数据包,并显示出详细的数据以供分析。WBXML dissector是其中的一个基于WBXML的解析器。 Wireshark 2.0.13及之前的版本和2.2.x版本至2.2.7版本中的WBXML解析器存在安全漏洞。攻击者可借助畸形的截图文件或通过注入数据包利用该漏洞造成拒绝服务(无限循环)。
CVSS Information
N/A
Vulnerability Type
N/A