Impact
The vulnerability is a heap‑based buffer overflow in the DCT2000 protocol dissector of Wireshark. A maliciously crafted packet can cause the dissector to overflow a heap buffer, leading the application to crash and thus deny service to users. The flaw is identified as CWE‑122. Because the overflow is triggered by input data, the vulnerability does not enable remote code execution, but it disrupts the Wireshark process.
Affected Systems
Affected versions are Wireshark Foundation releases 4.6.0 through 4.6.6 and 4.4.0 through 4.4.16. Any systems running these Wireshark builds are at risk.
Risk and Exploitability
The CVSS score of 5.5 indicates moderate severity. EPSS data is unavailable, so the probability of attack is unknown, and the vulnerability is not listed in the CISA KEV catalog. Attackers would need to supply crafted DCT2000 packets to a Wireshark instance; the path may be local or remote depending on packet capture source, so the likely vector is via network traffic processed by the susceptible dissector.
OpenCVE Enrichment