How severe is CVE-2017-11410?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.5 out of 10.

What type of vulnerability is CVE-2017-11410?

This is classified as CWE-20, which is a common weakness in software security.

CVE-2017-11410

HIGH Year: 2017

CVSS v3 Score

7.5

High

CVSS v2 Score

7.8

High

Weakness Type

CWE-20

View all →

Vulnerability Description

In Wireshark through 2.0.13 and 2.2.x through 2.2.7, the WBXML dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. This was addressed in epan/dissectors/packet-wbxml.c by adding validation of the relationships between indexes and lengths. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-7702.

CVE-2000-0258

HIGH

CVSS:7.5(High)

IIS 4.0 and 5.0 allows remote attackers to cause a denial of service by sending many URLs with a large number of escaped characters, aka the "Myriad Escaped Characters" Vulnerability.

CWE-202000

CVE-2008-2169

HIGH

CVSS:7.5(High)

Unspecified vulnerability in Avici routers allows remote attackers to cause a denial of service (dropped session) via crafted BGP UPDATE messages, leading to route flapping, possibly a related issue t...

CWE-202008

CVE-2008-2170

HIGH

CVSS:7.5(High)

Unspecified vulnerability in Century routers allows remote attackers to cause a denial of service (dropped session) via crafted BGP UPDATE messages, leading to route flapping, possibly a related issue...

CWE-202008

CVE-2008-2173

HIGH

CVSS:7.5(High)

Unspecified vulnerability in Yamaha routers allows remote attackers to cause a denial of service (dropped session) via crafted BGP UPDATE messages, leading to route flapping, possibly a related issue ...

CWE-202008