CVE-2023-0666 – RTPS parsing buffer overflow.This vulnerability exists in the blf_read_apptextmessage function of the Wireshark BLF plugin, which can be exploited by sending a crafted string resulting in arbitrary code execution. CVE-2023-2854 – Heap Buffer Overflow blf_read_apptextmessage Function.Alternatively, it can also result in arbitrary code.
When opened by Wireshark, this file can crash the application and result in potential code execution. CVE-2023-2855 – Stack-buffer-overflow in candump_write_packetĪn attacker can exploit this vulnerability by sending a specially crafted payload file.Wireshark has fixed 9 existing vulnerabilities in the new release. However, as stated by Wireshark, the official 32-bit Windows packages are no longer shipped.įor users who wish to use Wireshark in 32-bit Windows, it is recommended to go with the latest 3.6 release. With the current release, the latest version of Wireshark is 4.0.6.