CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
Confidence
Low
EPSS
Percentile
16.3%
Vulnerability of handle_chopping() function of Wireshark computer network traffic analyzer is related to a memory handling issue in EditCap.
memory handling issue in EditCap. Exploitation of the vulnerability could allow an attacker to cause a denial of
denial of service
Vulnerability in MONGO and ZigBee TLV dissectors of Wireshark computer network traffic analyzer is related to
execution of a loop with an unreachable exit condition. Exploitation of the vulnerability could allow an attacker,
acting remotely, cause a denial of service by sending specially crafted packets
A vulnerability in the wtap_dump_close() function of the Wireshark computer network traffic analyzer is related to
memory usage after release in EditCap. Exploitation of the vulnerability could allow an attacker to
cause a denial of service
A vulnerability in the pan/addr_resolv.c component of the Wireshark traffic analyzer is related to incorrect
resource cleanup or release. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service.
remotely to cause a denial of service
A vulnerability in the T.38 dissector of the Wireshark computer network traffic analyzer is related to inconsistent
memory management. Exploitation of the vulnerability could allow an attacker to cause a denial of service
by sending a specially crafted file or packet
Vulnerability of format_fractional_part_nsecs function of Wireshark computer network traffic analyzer is related to
with buffer copying without checking the size of the input data. Exploitation of the vulnerability could allow
an attacker acting remotely to cause a denial of service
Vulnerability of dissect_bgp_open() function of Wireshark computer network traffic analyzer is related to the output of the
operation beyond the buffer boundaries in memory when processing extended BGP parameter formats. Exploitation
of the vulnerability may allow a remote attacker to cause a denial of service