MS-WSP Protocol Dissector Crash Vulnerability

MS-WSP Protocol Dissector Crash Vulnerability

CVE-2018-18227 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

In Wireshark 2.6.0 to 2.6.3 and 2.4.0 to 2.4.9, the MS-WSP protocol dissector could crash. This was addressed in epan/dissectors/packet-mswsp.c by properly handling NULL return values.

Learn more about our Web Application Penetration Testing UK.