CyberSec.Space Logo
CVEブラウザに戻る

CVE-2017-9352

HIGH
7.5
CVSS Severity Score
EPSS Score0.0200%
EPSS Percentile1.94th
Published2017年6月2日
Last Modified2026年5月13日

Vulnerability Description

In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the Bazaar dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-bzr.c by ensuring that backwards parsing cannot occur.

Affected Platforms (CPE)

📦
Wireshark

Wireshark

>= 2.0.0 and <= 2.0.12
📦
Wireshark

Wireshark

>= 2.2.0 and <= 2.2.6

References & Advisories

🔗 http://www.securityfocus.com/bid/98804
🔗 http://www.securitytracker.com/id/1038612
🔗 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13599
🔗 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=8c5e0cee278ff0678b0ebf4b9c2a614974b4029a
🔗 https://www.wireshark.org/security/wnpa-sec-2017-22.html
🔗 http://www.securityfocus.com/bid/98804
🔗 http://www.securitytracker.com/id/1038612
🔗 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13599

関連する脆弱性情報

CVE-2007-611210.0

Buffer overflow in the PPP dissector Wireshark (formerly Ethereal) 0.99.6 allows remote attackers to cause a denial of service (cr...

CVE-2006-363210.0

Buffer overflow in Wireshark (aka Ethereal) 0.8.16 to 0.99.0 allows remote attackers to cause a denial of service and possibly exe...

CVE-2006-362810.0

Multiple format string vulnerabilities in Wireshark (aka Ethereal) 0.10.x to 0.99.0 allow remote attackers to cause a denial of se...

CVE-2007-611410.0

Multiple buffer overflows in Wireshark (formerly Ethereal) 0.99.0 through 0.99.6 allow remote attackers to cause a denial of servi...