CVE-2017-7703

See a problem?
Source
https://nvd.nist.gov/vuln/detail/CVE-2017-7703
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-7703.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2017-7703
Related
Published
2017-04-12T23:59:00Z
Modified
2024-06-30T12:57:40.839550Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the IMAP dissector could crash, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-imap.c by calculating a line's end correctly.

References

Affected packages

Alpine:v3.5 / wireshark

Package

Name
wireshark
Purl
pkg:apk/alpine/wireshark?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.2.6-r0

Affected versions

1.*

1.2.1-r0
1.2.2-r0
1.2.4-r0
1.2.6-r0
1.2.6-r1
1.2.6-r2
1.2.8-r0
1.2.9-r0
1.2.10-r0
1.4.0-r0
1.4.1-r0
1.4.2-r0
1.4.3-r0
1.4.4-r0
1.4.5-r0
1.4.6-r0
1.4.7-r0
1.6.0-r0
1.6.0-r1
1.6.1-r0
1.6.2-r0
1.6.3-r0
1.6.4-r0
1.6.5-r0
1.6.6-r0
1.6.6-r1
1.6.8-r0
1.6.8-r1
1.8.1-r0
1.8.2-r0
1.8.3-r0
1.8.4-r0
1.8.5-r0
1.8.6-r0
1.8.7-r0
1.10.0-r0
1.10.1-r0
1.10.2-r0
1.10.2-r1
1.10.3-r0
1.10.3-r1
1.10.4-r0
1.10.5-r0
1.10.5-r1
1.10.6-r0
1.10.7-r0
1.10.8-r0
1.12.0-r0
1.12.0-r1
1.12.1-r0
1.12.1-r1
1.12.2-r0
1.12.3-r0
1.12.4-r0
1.12.4-r1
1.12.5-r0
1.12.7-r0
1.12.8-r0

2.*

2.0.0-r0
2.0.1-r0
2.0.2-r0
2.0.3-r0
2.0.4-r0
2.0.5-r0
2.2.0-r0
2.2.0-r1
2.2.2-r0
2.2.3-r0
2.2.4-r0
2.2.4-r1
2.2.5-r0

Debian:11 / wireshark

Package

Name
wireshark
Purl
pkg:deb/debian/wireshark?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.2.6+g32dac6a-1

Ecosystem specific

{
    "urgency": "low"
}

Debian:12 / wireshark

Package

Name
wireshark
Purl
pkg:deb/debian/wireshark?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.2.6+g32dac6a-1

Ecosystem specific

{
    "urgency": "low"
}

Debian:13 / wireshark

Package

Name
wireshark
Purl
pkg:deb/debian/wireshark?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.2.6+g32dac6a-1

Ecosystem specific

{
    "urgency": "low"
}

Git / github.com/wireshark/wireshark

Affected versions

2.*

2.2.1rc0

Other

backups/ethereal@18706
ethereal-0-3-15
start

ethereal-0.*

ethereal-0.3.15

v1.*

v1.11.0
v1.11.0-rc1
v1.11.1
v1.11.1-rc1
v1.11.2
v1.11.2-rc1
v1.11.3
v1.11.3-rc1
v1.11.4-rc1
v1.99.0
v1.99.0-rc1
v1.99.1
v1.99.10rc0
v1.99.1rc0
v1.99.2
v1.99.2rc0
v1.99.3
v1.99.3rc0
v1.99.4
v1.99.4rc0
v1.99.5
v1.99.5rc0
v1.99.6
v1.99.6rc0
v1.99.7
v1.99.7rc0
v1.99.8
v1.99.8rc0
v1.99.9
v1.99.9rc0

v2.*

v2.0.0
v2.0.0rc0
v2.0.0rc1
v2.0.0rc2
v2.0.0rc3
v2.0.1
v2.0.10
v2.0.10rc0
v2.0.1rc0
v2.0.2
v2.0.2rc0
v2.0.3
v2.0.3rc0
v2.0.4
v2.0.4rc0
v2.0.5
v2.0.5rc0
v2.0.6
v2.0.6rc0
v2.0.7
v2.0.7rc0
v2.0.8
v2.0.8rc0
v2.0.9
v2.0.9rc0
v2.1.0
v2.1.0rc0
v2.1.1
v2.1.1rc0
v2.1.2rc0
v2.2.0
v2.2.0rc0
v2.2.0rc1
v2.2.0rc2
v2.2.1
v2.2.1rc0
v2.2.2
v2.2.2rc0
v2.2.3
v2.2.3rc0
v2.2.4
v2.2.4rc0
v2.2.5
v2.2.5rc0

wireshark-1.*

wireshark-1.11.3
wireshark-1.99.0
wireshark-1.99.1
wireshark-1.99.2
wireshark-1.99.3
wireshark-1.99.4
wireshark-1.99.5
wireshark-1.99.6
wireshark-1.99.7
wireshark-1.99.8
wireshark-1.99.9

wireshark-2.*

wireshark-2.0.0
wireshark-2.0.1
wireshark-2.0.10
wireshark-2.0.2
wireshark-2.0.3
wireshark-2.0.4
wireshark-2.0.5
wireshark-2.0.6
wireshark-2.0.7
wireshark-2.0.8
wireshark-2.0.9
wireshark-2.1.0
wireshark-2.1.1
wireshark-2.2.0
wireshark-2.2.0rc1
wireshark-2.2.0rc2
wireshark-2.2.1
wireshark-2.2.2
wireshark-2.2.3
wireshark-2.2.4
wireshark-2.2.5