{
  "id": "CVE-2023-0668",
  "sourceIdentifier": "cve@takeonme.org",
  "published": "2023-06-07T03:15:09.193",
  "lastModified": "2023-06-07T12:52:33.093",
  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
      "lang": "en",
      "value": "Due to failure in validating the length provided by an attacker-crafted IEEE-C37.118 packet, Wireshark version 4.0.5 and prior, by default, is susceptible to a heap-based buffer overflow, and possibly code execution in the context of the process running Wireshark."
    }
  ],
  "metrics": {},
  "weaknesses": [
    {
      "source": "cve@takeonme.org",
      "type": "Secondary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-125"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://gitlab.com/wireshark/wireshark/-/issues/19087",
      "source": "cve@takeonme.org"
    },
    {
      "url": "https://takeonme.org/cves/CVE-2023-0668.html",
      "source": "cve@takeonme.org"
    },
    {
      "url": "https://www.wireshark.org/docs/relnotes/wireshark-4.0.6.html",
      "source": "cve@takeonme.org"
    },
    {
      "url": "https://www.wireshark.org/security/wnpa-sec-2023-19.html",
      "source": "cve@takeonme.org"
    }
  ]
}