Test ID:	1.3.6.1.4.1.25623.1.0.834854
Category:	Denial of Service
Title:	Wireshark 3.6.x < 3.6.20, 4.0.x < 4.0.12, 4.2.0 Multiple Vulnerabilities (Jan 2025) - Mac OS X
Summary:	Wireshark is prone to multiple; vulnerabilities.
Description:	Summary: Wireshark is prone to multiple vulnerabilities. Vulnerability Insight: These vulnerabilities exist: - CVE-2024-0208: GVCP dissector crash - CVE-2024-0209: IEEE 1609.2 dissector crash Vulnerability Impact: Successful exploitation allows an attacker to cause denial of service via packet injection or crafted capture file. Affected Software/OS: Wireshark version 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 on Mac OS X. Solution: Update to version 4.2.1 or 4.0.12 or 3.6.20 or later. CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2024-0208 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/34DBP5P2RHQ7XUABPANYYMOGV5KS6VEP/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MADSCHKZSCKQ5NLIX3UMOIJD2JZ65L4V/ GitLab Issue #19496 https://gitlab.com/wireshark/wireshark/-/issues/19496 https://www.wireshark.org/security/wnpa-sec-2024-01.html https://lists.debian.org/debian-lts-announce/2024/02/msg00016.html Common Vulnerability Exposure (CVE) ID: CVE-2024-0209 GitLab Issue #19501 https://gitlab.com/wireshark/wireshark/-/issues/19501 https://www.wireshark.org/security/wnpa-sec-2024-02.html
Copyright	Copyright (C) 2025 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.