7.5
CVE-2017-6468
- EPSS 2.59%
- Veröffentlicht 04.03.2017 03:59:00
- Zuletzt bearbeitet 13.05.2026 00:24:29
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a NetScaler file parser crash, triggered by a malformed capture file. This was addressed in wiretap/netscaler.c by validating the relationship between pages and records.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.59% | 0.833 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
http://www.debian.org/security/2017/dsa-3811
http://www.securityfocus.com/bid/96569
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13430
https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=9f3bc84b7e7e435c50b8b68f0fc526d0f5676cbf
https://www.wireshark.org/security/wnpa-sec-2017-08.html