{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-0667", "assignerOrgId": "26969f82-7e87-44d8-9cb5-f6fb926ddd43", "state": "PUBLISHED", "assignerShortName": "AHA", "dateReserved": "2023-02-03T22:08:34.816Z", "datePublished": "2023-06-07T02:38:07.798Z", "dateUpdated": "2025-02-13T16:39:05.672Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Wireshark", "vendor": "Wireshark Foundation", "versions": [{"lessThanOrEqual": "4.0.5", "status": "affected", "version": "0", "versionType": "semver"}, {"status": "unaffected", "version": "4.0.6"}, {"lessThanOrEqual": "3.6.13", "status": "affected", "version": "0", "versionType": "semver"}, {"status": "unaffected", "version": "3.6.14"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "zenofex"}, {"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "WanderingGlitch"}, {"lang": "en", "type": "coordinator", "user": "00000000-0000-4000-9000-000000000000", "value": "Austin Hackers Anonymous!"}], "datePublic": "2023-05-22T19:04:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Due to failure in validating the length provided by an attacker-crafted MSMMS packet, Wireshark version 4.0.5 and prior, in an unusual configuration, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark"}], "value": "Due to failure in validating the length provided by an attacker-crafted MSMMS packet, Wireshark version 4.0.5 and prior, in an unusual configuration, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark"}], "impacts": [{"capecId": "CAPEC-100", "descriptions": [{"lang": "en", "value": "CAPEC-100 Overflow Buffers"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "26969f82-7e87-44d8-9cb5-f6fb926ddd43", "shortName": "AHA", "dateUpdated": "2023-09-17T06:06:23.905Z"}, "references": [{"tags": ["third-party-advisory"], "url": "https://takeonme.org/cves/CVE-2023-0667.html"}, {"tags": ["issue-tracking"], "url": "https://gitlab.com/wireshark/wireshark/-/issues/19086"}, {"url": "https://security.gentoo.org/glsa/202309-02"}], "source": {"discovery": "EXTERNAL"}, "title": "Wireshark MSMMS parsing buffer overflow", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T05:17:50.329Z"}, "title": "CVE Program Container", "references": [{"tags": ["third-party-advisory", "x_transferred"], "url": "https://takeonme.org/cves/CVE-2023-0667.html"}, {"tags": ["issue-tracking", "x_transferred"], "url": "https://gitlab.com/wireshark/wireshark/-/issues/19086"}, {"url": "https://security.gentoo.org/glsa/202309-02", "tags": ["x_transferred"]}]}, {"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-01-06T20:51:10.713632Z", "id": "CVE-2023-0667", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-01-06T20:52:20.014Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://takeonme.org/cves/CVE-2023-0667.html", "tags": ["third-party-advisory", "x_transferred"]}, {"url": "https://gitlab.com/wireshark/wireshark/-/issues/19086", "tags": ["issue-tracking", "x_transferred"]}, {"url": "https://security.gentoo.org/glsa/202309-02", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T05:17:50.329Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2023-0667", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-01-06T20:51:10.713632Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-01-06T20:52:02.476Z"}}], "cna": {"title": "Wireshark MSMMS parsing buffer overflow", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "zenofex"}, {"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "WanderingGlitch"}, {"lang": "en", "type": "coordinator", "user": "00000000-0000-4000-9000-000000000000", "value": "Austin Hackers Anonymous!"}], "impacts": [{"capecId": "CAPEC-100", "descriptions": [{"lang": "en", "value": "CAPEC-100 Overflow Buffers"}]}], "affected": [{"vendor": "Wireshark Foundation", "product": "Wireshark", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "4.0.5"}, {"status": "unaffected", "version": "4.0.6"}, {"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "3.6.13"}, {"status": "unaffected", "version": "3.6.14"}], "defaultStatus": "unaffected"}], "datePublic": "2023-05-22T19:04:00.000Z", "references": [{"url": "https://takeonme.org/cves/CVE-2023-0667.html", "tags": ["third-party-advisory"]}, {"url": "https://gitlab.com/wireshark/wireshark/-/issues/19086", "tags": ["issue-tracking"]}, {"url": "https://security.gentoo.org/glsa/202309-02"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "Due to failure in validating the length provided by an attacker-crafted MSMMS packet, Wireshark version 4.0.5 and prior, in an unusual configuration, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark", "supportingMedia": [{"type": "text/html", "value": "Due to failure in validating the length provided by an attacker-crafted MSMMS packet, Wireshark version 4.0.5 and prior, in an unusual configuration, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-122", "description": "CWE-122 Heap-based Buffer Overflow"}]}], "providerMetadata": {"orgId": "26969f82-7e87-44d8-9cb5-f6fb926ddd43", "shortName": "AHA", "dateUpdated": "2023-09-17T06:06:23.905Z"}}}, "cveMetadata": {"cveId": "CVE-2023-0667", "state": "PUBLISHED", "dateUpdated": "2025-02-13T16:39:05.672Z", "dateReserved": "2023-02-03T22:08:34.816Z", "assignerOrgId": "26969f82-7e87-44d8-9cb5-f6fb926ddd43", "datePublished": "2023-06-07T02:38:07.798Z", "assignerShortName": "AHA"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*", "matchCriteriaId": "FBA0E5F8-10A3-4294-95A8-6CB594C4DADE", "versionEndExcluding": "4.0.6", "versionStartIncluding": "4.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Due to failure in validating the length provided by an attacker-crafted MSMMS packet, Wireshark version 4.0.5 and prior, in an unusual configuration, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark"}, {"lang": "es", "value": "Debido a un fallo en la validaci\u00f3n de la longitud proporcionada por un atacante en un paquete manipulado MSMMS, Wireshark v4.0.5 y anteriores, en una configuraci\u00f3n inusual, es susceptible a un desbordamiento de b\u00fafer de pila, y posiblemente a la ejecuci\u00f3n de c\u00f3digo en el contexto del proceso que ejecuta Wireshark. "}], "id": "CVE-2023-0667", "lastModified": "2025-01-06T21:15:08.783", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2023-06-07T03:15:09.117", "references": [{"source": "cve@takeonme.org", "tags": ["Exploit", "Issue Tracking"], "url": "https://gitlab.com/wireshark/wireshark/-/issues/19086"}, {"source": "cve@takeonme.org", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/202309-02"}, {"source": "cve@takeonme.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://takeonme.org/cves/CVE-2023-0667.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Issue Tracking"], "url": "https://gitlab.com/wireshark/wireshark/-/issues/19086"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/202309-02"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://takeonme.org/cves/CVE-2023-0667.html"}], "sourceIdentifier": "cve@takeonme.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-122"}], "source": "cve@takeonme.org", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "wireshark: incorrect length validation may lead to a heap-based buffer overflow", "id": "2229692", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2229692"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-787->CWE-122", "details": ["Due to failure in validating the length provided by an attacker-crafted MSMMS packet, Wireshark version 4.0.5 and prior, in an unusual configuration, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark", "A flaw was found in the Wireshark package. Due to failure in validating the length provided by an attacker-crafted MS-MMS packet, Wireshark, in an unusual configuration, is susceptible to a heap-based buffer overflow. This issue may result in a crash."], "name": "CVE-2023-0667", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "wireshark", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Will not fix", "package_name": "wireshark", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Will not fix", "package_name": "wireshark", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Will not fix", "package_name": "wireshark", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2023-06-07T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-0667\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-0667\nhttps://gitlab.com/wireshark/wireshark/-/issues/19086"], "threat_severity": "Moderate", "upstream_fix": "wireshark 4.0.6"}