CVE-2023-0666 Information

Description

Due to failure in validating the length provided by an attacker-crafted RTPS packet Wireshark version 4.0.5 and prior by default is susceptible to a heap-based buffer overflow and possibly code execution in the context of the process running Wireshark.

Reference

https://takeonme.org/cves/CVE-2023-0666.html https://www.wireshark.org/security/wnpa-sec-2023-18.html https://gitlab.com/wireshark/wireshark/-/issues/19085 https://www.wireshark.org/docs/relnotes/wireshark-4.0.6.html