Wireshark 2.0.0-4.0.7 Divide-By-Zero via CP2179 Packet Length Validation
CVE-2023-2906 Published on August 25, 2023
Wireshark CP2179 divide by zero
Due to a failure in validating the length provided by an attacker-crafted CP2179 packet, Wireshark versions 2.0.0 through 4.0.7 is susceptible to a divide by zero allowing for a denial of service attack.
Weakness Type
Divide By Zero
The product divides a value by zero. This weakness typically occurs when an unexpected value is provided to the product, or if an error occurs that is not properly detected. It frequently occurs in calculations involving physical dimensions such as size, length, width, and height.
Products Associated with CVE-2023-2906
Want to know whenever a new CVE is published for Wireshark? stack.watch will email you.
Affected Versions
Wireshark Foundation Wireshark:- Version 2.0.0, <= 4.0.7 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.