← Back

CVE-2017-13766

nvd nist
Published: Aug 30, 2017Modified: May 13, 2026

JSON object

Loading...
7.5
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 3.9 / Impact: 3.6
Source: NVD

Description

In Wireshark 2.4.0 and 2.2.0 to 2.2.8, the Profinet I/O dissector could crash with an out-of-bounds write. This was addressed in plugins/profinet/packet-dcerpc-pn-io.c by adding string validation.

Affected (23)

Products: Wireshark: Wireshark
Wireshark
1 product
Wireshark
Configuration A
14 vulnerable
Vulnerable SoftwareAffected Versions
Wireshark
Wireshark
Version 2.0.0
Wireshark
Version 2.0.10
Wireshark
Version 2.0.11
Wireshark
Version 2.0.12
Wireshark
Version 2.0.13
Wireshark
Version 2.0.1
Wireshark
Version 2.0.2
Wireshark
Version 2.0.3
Wireshark
Version 2.0.4
Wireshark
Version 2.0.5
Wireshark
Version 2.0.6
Wireshark
Version 2.0.7
Wireshark
Version 2.0.8
Wireshark
Version 2.0.9
Configuration B
8 vulnerable
Vulnerable SoftwareAffected Versions
Wireshark
Wireshark
Version 2.2.0
Wireshark
Version 2.2.1
Wireshark
Version 2.2.2
Wireshark
Version 2.2.3
Wireshark
Version 2.2.4
Wireshark
Version 2.2.5
Wireshark
Version 2.2.6
Wireshark
Version 2.2.7
Configuration C
1 vulnerable
Vulnerable SoftwareAffected Versions
Wireshark
Version 2.4.0

Related CWEs

CWE-787
Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.

References (14)

Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Issue TrackingPatchVendor Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Issue TrackingPatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.