CVE-2017-11410
- Source
- https://cve.org/CVERecord?id=CVE-2017-11410
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-11410.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2017-11410
- Downstream
- Related
- Published
- 2017-07-18T21:29:00.407Z
- Modified
- 2026-04-16T01:43:39.016669440Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
In Wireshark through 2.0.13 and 2.2.x through 2.2.7, the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wbxml.c by adding validation of the relationships between indexes and lengths. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-7702.
- References
Affected packages
Git / github.com/wireshark/wireshark
Affected ranges
- Type
- GIT
- Repo
- https://github.com/wireshark/wireshark
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affectedLast affected
- Database specific
{ "extracted_events": [ { "introduced": "0" }, { "last_affected": "2.0.0" }, { "last_affected": "2.0.1" }, { "last_affected": "2.0.2" }, { "last_affected": "2.0.3" }, { "last_affected": "2.0.4" }, { "last_affected": "2.0.5" }, { "last_affected": "2.0.6" }, { "last_affected": "2.0.7" }, { "last_affected": "2.0.8" }, { "last_affected": "2.0.9" }, { "last_affected": "2.0.10" }, { "last_affected": "2.0.11" }, { "last_affected": "2.0.12" }, { "last_affected": "2.0.13" }, { "last_affected": "2.2.0" }, { "last_affected": "2.2.1" }, { "last_affected": "2.2.2" }, { "last_affected": "2.2.3" }, { "last_affected": "2.2.4" }, { "last_affected": "2.2.5" }, { "last_affected": "2.2.6" }, { "last_affected": "2.2.7" } ], "source": "CPE_FIELD", "cpe": [ "cpe:2.3:a:wireshark:wireshark:2.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.11:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.0.13:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:wireshark:wireshark:2.2.7:*:*:*:*:*:*:*" ] }
Affected versions
2.*
2.2.1rc0
Other
backups/ethereal@18706
ethereal-0-3-15
start
ethereal-0.*
ethereal-0.3.15
v1.*
v1.11.0
v1.11.0-rc1
v1.11.1
v1.11.1-rc1
v1.11.2
v1.11.2-rc1
v1.11.3
v1.11.3-rc1
v1.11.4-rc1
v1.99.0
v1.99.0-rc1
v1.99.1
v1.99.10rc0
v1.99.1rc0
v1.99.2
v1.99.2rc0
v1.99.3
v1.99.3rc0
v1.99.4
v1.99.4rc0
v1.99.5
v1.99.5rc0
v1.99.6
v1.99.6rc0
v1.99.7
v1.99.7rc0
v1.99.8
v1.99.8rc0
v1.99.9
v1.99.9rc0
v2.*
v2.0.0
v2.0.0rc0
v2.0.0rc1
v2.0.0rc2
v2.0.0rc3
v2.0.1
v2.0.10
v2.0.10rc0
v2.0.11
v2.0.11rc0
v2.0.12
v2.0.12rc0
v2.0.13
v2.0.13rc0
v2.0.1rc0
v2.0.2
v2.0.2rc0
v2.0.3
v2.0.3rc0
v2.0.4
v2.0.4rc0
v2.0.5
v2.0.5rc0
v2.0.6
v2.0.6rc0
v2.0.7
v2.0.7rc0
v2.0.8
v2.0.8rc0
v2.0.9
v2.0.9rc0
v2.1.0
v2.1.0rc0
v2.1.1
v2.1.1rc0
v2.1.2rc0
v2.2.0
v2.2.0rc0
v2.2.0rc1
v2.2.0rc2
v2.2.1
v2.2.1rc0
v2.2.2
v2.2.2rc0
v2.2.3
v2.2.3rc0
v2.2.4
v2.2.4rc0
v2.2.5
v2.2.5rc0
v2.2.6
v2.2.6rc0
v2.2.7
v2.2.7rc0
wireshark-1.*
wireshark-1.11.3
wireshark-1.99.0
wireshark-1.99.1
wireshark-1.99.2
wireshark-1.99.3
wireshark-1.99.4
wireshark-1.99.5
wireshark-1.99.6
wireshark-1.99.7
wireshark-1.99.8
wireshark-1.99.9
wireshark-2.*
wireshark-2.0.0
wireshark-2.0.1
wireshark-2.0.10
wireshark-2.0.11
wireshark-2.0.12
wireshark-2.0.13
wireshark-2.0.2
wireshark-2.0.3
wireshark-2.0.4
wireshark-2.0.5
wireshark-2.0.6
wireshark-2.0.7
wireshark-2.0.8
wireshark-2.0.9
wireshark-2.1.0
wireshark-2.1.1
wireshark-2.2.0
wireshark-2.2.0rc1
wireshark-2.2.0rc2
wireshark-2.2.1
wireshark-2.2.2
wireshark-2.2.3
wireshark-2.2.4
wireshark-2.2.5
wireshark-2.2.6
wireshark-2.2.7