CVE-2023-1161

Summary

ISO 15765 and ISO 10681 dissector crash in Wireshark 4.0.0 to 4.0.3 and 3.6.0 to 3.6.11 allows denial of service via packet injection or crafted capture file

Affected Software

VendorProductVersion RangeStatus
Wireshark FoundationWireshark>=4.0.0, <4.0.4affected
Wireshark FoundationWireshark>=3.6.0, <3.6.12affected

Weaknesses

  • Buffer copy without checking size of input ('classic buffer overflow') in Wireshark

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References