CyberSec.Space Logo
Back to CVE Browser

CVE-2017-9352

HIGH
7.5
CVSS Severity Score
EPSS Score0.0200%
EPSS Percentile1.94th
PublishedJun 2, 2017
Last ModifiedMay 13, 2026

Vulnerability Description

In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the Bazaar dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-bzr.c by ensuring that backwards parsing cannot occur.

Affected Platforms (CPE)

πŸ“¦
Wireshark

Wireshark

>= 2.0.0 and <= 2.0.12
πŸ“¦
Wireshark

Wireshark

>= 2.2.0 and <= 2.2.6

References & Advisories

πŸ”— http://www.securityfocus.com/bid/98804
πŸ”— http://www.securitytracker.com/id/1038612
πŸ”— https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13599
πŸ”— https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=8c5e0cee278ff0678b0ebf4b9c2a614974b4029a
πŸ”— https://www.wireshark.org/security/wnpa-sec-2017-22.html
πŸ”— http://www.securityfocus.com/bid/98804
πŸ”— http://www.securitytracker.com/id/1038612
πŸ”— https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13599

Related Vulnerabilities

CVE-2007-611210.0

Buffer overflow in the PPP dissector Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (cr...

CVE-2006-363210.0

Buffer overflow in Wireshark (aka Ethereal) 0.8.16 to 0.99.0 allows remote attackers to cause a denial of service and possibly exe...

CVE-2006-362810.0

Multiple format string vulnerabilities in Wireshark (aka Ethereal) 0.10.x to 0.99.0 allow remote attackers to cause a denial of se...

CVE-2007-611410.0

Multiple buffer overflows in Wireshark (formerly Ethereal) 0.99.0 through 0.99.6 allow remote attackers to cause a denial of servi...