Impact
The vulnerability is a heap‑based buffer overflow located in the Z39.50 protocol dissector of Wireshark. When a specially crafted packet is processed, the dissector can write beyond the bounds of an allocated buffer, causing the application to crash. This results in a denial of service because the user session or the entire Wireshark process terminates.
Affected Systems
Wireshark Foundation’s Wireshark software is affected. The flaw exists in versions 4.6.0 through 4.6.6 and 4.4.0 through 4.4.16. The vendor has released a fix in Wireshark 4.6.7, which addresses the buffer overflow in the Z39.50 dissector.
Risk and Exploitability
The CVSS score of 5.5 indicates a moderate severity. EPSS data is not available and the vulnerability is not listed in the CISA KEV catalog, so no public exploits are known. Because Wireshark runs in user space, the most likely attack vector requires an attacker to supply a malicious packet on the network or a crafted capture file that the user opens. The crash would terminate the Wireshark process or potentially the entire user session, harming availability. Even though an attacker would need to direct traffic or files to a victim, the impact can be disruptive in shared or critical monitoring environments.
OpenCVE Enrichment