CVE-2018-9259

See a problem?

Source

https://nvd.nist.gov/vuln/detail/CVE-2018-9259

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-9259.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2018-9259

Related

Published

2018-04-04T07:29:00Z

Modified

2024-09-03T02:13:06.023695Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the MP4 dissector could crash. This was addressed in epan/dissectors/file-mp4.c by restricting the box recursion depth.

References

Affected packages

Debian:11 / wireshark

Package

Name: wireshark
Purl: pkg:deb/debian/wireshark?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.4.6-1

Ecosystem specific

{
    "urgency": "low"
}

Debian:12 / wireshark

Package

Name: wireshark
Purl: pkg:deb/debian/wireshark?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.4.6-1

Ecosystem specific

{
    "urgency": "low"
}

Debian:13 / wireshark

Package

Name: wireshark
Purl: pkg:deb/debian/wireshark?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.4.6-1

Ecosystem specific

{
    "urgency": "low"
}

Git / github.com/wireshark/wireshark

Affected ranges

Type: GIT
Repo: https://github.com/wireshark/wireshark
Events: Introduced

9be0fa500da594ed01baf3214642838d22811c90

Last affected

153e867ef17b9b9b87ec67c9a73591ffb822adf7

Introduced

5368c50be46d4a44986d12bdfc0a35b42c0f34fc

Last affected

aca419994738c5b88461f52f0df45053098c470a

Affected versions

2.*

2.2.1rc0

v2.*

v2.2.0

v2.2.1

v2.2.10

v2.2.10rc0

v2.2.11

v2.2.11rc0

v2.2.12

v2.2.12rc0

v2.2.13

v2.2.13rc0

v2.2.1rc0

v2.2.2

v2.2.2rc0

v2.2.3

v2.2.3rc0

v2.2.4

v2.2.4rc0

v2.2.5

v2.2.5rc0

v2.2.6

v2.2.6rc0

v2.2.7

v2.2.7rc0

v2.2.8

v2.2.8rc0

v2.2.9

v2.2.9rc0

v2.4.0

v2.4.1

v2.4.1rc0

v2.4.2

v2.4.2rc0

v2.4.3

v2.4.3rc0

v2.4.4

v2.4.4rc0

v2.4.5

v2.4.5rc0

wireshark-2.*

wireshark-2.2.0

wireshark-2.2.1

wireshark-2.2.10

wireshark-2.2.11

wireshark-2.2.12

wireshark-2.2.13

wireshark-2.2.2

wireshark-2.2.3

wireshark-2.2.4

wireshark-2.2.5

wireshark-2.2.6

wireshark-2.2.7

wireshark-2.2.8

wireshark-2.2.9

wireshark-2.4.0

wireshark-2.4.1

wireshark-2.4.2

wireshark-2.4.3

wireshark-2.4.4

wireshark-2.4.5