VDB
CNVD-2025-30216
CNVD-2025-30216
PUBLISHED
CVSS 7.800000190734863 HIGH
Wireshark是一款非常流行的网络封包分析软件,可以截取各种网络数据包,并显示数据包详细信息。 Wireshark存在拒绝服务漏洞。该漏洞存在于Wireshark的列处理功能中。当Wireshark尝试处理包含恶意构造数据的网络数据包或捕获文件时,由于未正确验证输入数据的大小和格式,导致缓冲区溢出。攻击者可以利用该漏洞通过注入特定的数据包或使用精心构造的捕获文件来触发拒绝服务攻击。
Risk Scores
CVSS v3.1
7.800000190734863
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Wireshark Foundation | Wireshark | 4.4.0, 4.2.0 |
Timeline
- Jun 4, 2025 CVE Published
- Jun 4, 2025 PoC Published
- Jun 4, 2025 PoC Published
- Jun 4, 2025 PoC Published
- Jun 5, 2025 PoC Published
- Jun 9, 2025 PoC Published
- Jun 11, 2025 PoC Published
- Jun 13, 2025 PoC Published
- Jun 17, 2025 PoC Published
- Jun 17, 2025 PoC Published
- Jun 17, 2025 PoC Published
- Jun 23, 2025 PoC Published