vendor:
Wireshark
by:
Project Zero
7.5
CVSS
HIGH
Memory Out-of-Bounds Write
CWE
Product Name: Wireshark
Affected Version From: Current git master of Wireshark
Affected Version To:
Patch Exists: No
Related CWE:
CPE:
Platforms Tested:
Out-of-bounds Write in Wireshark
The exploit occurs when a malformed file is fed to tshark, causing a static memory out-of-bounds write in the dissect_ber_integer function of packet-ber.c. This leads to a global-buffer-overflow error.
Mitigation:
Unknown