Wireshark 0.8.20 through 1.2.8 Multiple Vulnerabilities

Wireshark is prone to multiple denial-of-service and buffer-overflow vulnerabilities.

Exploiting these issues may allow attackers to crash the application and deny service to legitimate users. Attackers may also execute arbitrary code in the context of vulnerable users running the application.

These issues affect Wireshark 0.8.20 through 1.2.8.

Update (July 29, 2010): Some of these issues were not properly addressed in Wireshark 1.0.14 and 1.2.9, as originally reported; Wireshark 1.0.15 and 1.2.10 contain additional fixes for some of these issues.


Privacy Statement
Copyright 2010, SecurityFocus