CVE-2018-18227

2018-10-1206:29:01

Google

osv.dev

6.5 Medium

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

79.8%

JSON

In Wireshark 2.6.0 to 2.6.3 and 2.4.0 to 2.4.9, the MS-WSP protocol dissector could crash. This was addressed in epan/dissectors/packet-mswsp.c by properly handling NULL return values.

CPENameOperatorVersion
wiresharkeqwireshark-2.4.8
wiresharkeqwireshark-2.6.2
wiresharkeqwireshark-2.4.7
wiresharkeq2.4.3
wiresharkeq2.4.7rc0
wiresharkeqwireshark-2.4.2
wiresharkeq2.4.8rc0
wiresharkeq2.4.4rc0
wiresharkeqwireshark-2.4.0
wiresharkeq2.6.0

Name	Operator	Version
wireshark	eq	wireshark-2.4.8
wireshark	eq	wireshark-2.6.2
wireshark	eq	wireshark-2.4.7
wireshark	eq	2.4.3
wireshark	eq	2.4.7rc0
wireshark	eq	wireshark-2.4.2
wireshark	eq	2.4.8rc0
wireshark	eq	2.4.4rc0
wireshark	eq	wireshark-2.4.0
wireshark	eq	2.6.0