CVE-2018-5335
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2018-5335
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-5335.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2018-5335
- Downstream
- Related
- Published
- 2018-01-11T21:29:00.253Z
- Modified
- 2025-11-20T10:52:31.803638Z
- Severity
-
- 6.5 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the WCP dissector could crash. This was addressed in epan/dissectors/packet-wcp.c by validating the available buffer length.
- References
-
- https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=086b87376b988c555484349aa115d6e08ac6db07
- http://www.securityfocus.com/bid/102500
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14251
- https://lists.debian.org/debian-lts-announce/2018/01/msg00032.html
- https://www.debian.org/security/2018/dsa-4101
- https://www.wireshark.org/security/wnpa-sec-2018-04.html
Affected packages
Git / github.com/wireshark/wireshark
Affected ranges
- Type
- GIT
- Repo
- https://github.com/wireshark/wireshark
- Events
-
IntroducedLast affectedIntroducedLast affected
Affected versions
2.*
2.2.1rc0
v2.*
v2.2.0
v2.2.1
v2.2.10
v2.2.10rc0
v2.2.11
v2.2.11rc0
v2.2.1rc0
v2.2.2
v2.2.2rc0
v2.2.3
v2.2.3rc0
v2.2.4
v2.2.4rc0
v2.2.5
v2.2.5rc0
v2.2.6
v2.2.6rc0
v2.2.7
v2.2.7rc0
v2.2.8
v2.2.8rc0
v2.2.9
v2.2.9rc0
v2.4.0
v2.4.1
v2.4.1rc0
v2.4.2
v2.4.2rc0
v2.4.3
v2.4.3rc0
wireshark-2.*
wireshark-2.2.0
wireshark-2.2.1
wireshark-2.2.10
wireshark-2.2.11
wireshark-2.2.2
wireshark-2.2.3
wireshark-2.2.4
wireshark-2.2.5
wireshark-2.2.6
wireshark-2.2.7
wireshark-2.2.8
wireshark-2.2.9
wireshark-2.4.0
wireshark-2.4.1
wireshark-2.4.2
wireshark-2.4.3