CVE-2024-4855

CVSS 3.1 Score 3.6 of 10 (low)

Details

Published May 14, 2024
Updated: Jun 10, 2024
CWE ID 416

Summary

CVE-2024-4855 is a use-after-free vulnerability affecting the editcap software. Maliciously crafted capture files can exploit this issue, leading to a denial-of-service condition. The vulnerability occurs due to improper memory handling in the editcap application, allowing attackers to manipulate the software and cause unintended behavior. Successful exploitation results in the software becoming unresponsive or crashing, rendering it unable to perform its intended function. This vulnerability poses a significant risk for networks and systems that use editcap for managing network traffic data.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • Wireshark

Affected Vendors

  • Wireshark Foundation