Multiple vulnerabilities in Wireshark

Description

Multiple vulnerabilities were found in Wireshark. Malicious users can exploit these vulnerabilities to cause denial of service.

Below is a complete list of vulnerabilities:

1. Denial of service vulnerability in HTTP3 dissector can be exploited to cause denial of service.
2. Denial of service vulnerability in Zigbee TLV dissector can be exploited to cause denial of service.

Original advisories

• Wireshark • wnpa-sec-2024-03 HTTP3 dissector crash

• Wireshark • wnpa-sec-2024-04 Zigbee TLV dissector crash

Exploitation

Public exploits exist for this vulnerability.

Related products

• Wireshark

CVE list

• CVE-2024-0207
  warning
• CVE-2024-0210
  warning

Read more

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com