CVE-2017-13766

Published: Aug 30, 2017

Modified: Aug 5, 2024

PUBLISHED

Description

In Wireshark 2.4.0 and 2.2.0 to 2.2.8, the Profinet I/O dissector could crash with an out-of-bounds write. This was addressed in plugins/profinet/packet-dcerpc-pn-io.c by adding string validation.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=af7b093ca528516c14247acb545046199d30843e

x_refsource_CONFIRM

https://www.wireshark.org/security/wnpa-sec-2017-39.html

x_refsource_CONFIRM

DSA-4060

vendor-advisory

x_refsource_DEBIAN

100542

vdb-entry

x_refsource_BID

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13847

x_refsource_CONFIRM

https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=2096bc1e5078732543e0a3ee115a2ce520a72bbc

x_refsource_CONFIRM

1039254

vdb-entry

x_refsource_SECTRACK

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2017-13766

Description

Affected Products

References