Heap-based Buffer Over-read Vulnerability in Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10

Heap-based Buffer Over-read Vulnerability in Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10

CVE-2018-19625 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:N/A:P

In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the dissection engine could crash. This was addressed in epan/tvbuff_composite.c by preventing a heap-based buffer over-read.

Learn more about our Web Application Penetration Testing UK.