{"id":"CVE-2017-9348","details":"In Wireshark 2.2.0 to 2.2.6, the DOF dissector could read past the end of a buffer. This was addressed in epan/dissectors/packet-dof.c by validating a size value.","modified":"2026-03-15T14:26:04.140644Z","published":"2017-06-02T05:29:00.433Z","related":["SUSE-SU-2017:1663-1","SUSE-SU-2017:1664-1","openSUSE-SU-2024:11513-1"],"references":[{"type":"WEB","url":"https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=7fe55f96672b7bf2b4ceb9ae039a0f43eddd3151"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/98801"},{"type":"ADVISORY","url":"http://www.securitytracker.com/id/1038612"},{"type":"ADVISORY","url":"https://www.wireshark.org/security/wnpa-sec-2017-23.html"},{"type":"REPORT","url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1151"},{"type":"FIX","url":"https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=13608"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/wireshark/wireshark","events":[{"introduced":"5368c50be46d4a44986d12bdfc0a35b42c0f34fc"},{"last_affected":"32dac6a1ea518cb0062c139e2b3df298afc93c30"}],"database_specific":{"versions":[{"introduced":"2.2.0"},{"last_affected":"2.2.6"}]}}],"versions":["2.2.1rc0","v2.2.0","v2.2.1","v2.2.1rc0","v2.2.2","v2.2.2rc0","v2.2.3","v2.2.3rc0","v2.2.4","v2.2.4rc0","v2.2.5","v2.2.5rc0","v2.2.6","v2.2.6rc0","wireshark-2.2.0","wireshark-2.2.1","wireshark-2.2.2","wireshark-2.2.3","wireshark-2.2.4","wireshark-2.2.5","wireshark-2.2.6"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-9348.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}