KLA10649
Denial of service vulnerabilities in Wireshark

An unspecified vulnerabilities were found in Wireshark. By exploiting these vulnerabilities malicious users can cause denial of service. These vulnerabilities can be exploited remotely via a specially designed file or network packet.

Technical details

This vulnerability related to next conditions:

1. Adding item to protocol tree;
2. Ptvcursor length checking;
3. WCCP, OpenFlow, GSM RLC/MAC, ZigBee, WaveAgent dissectors acting;
4. Attempt to free invalid memory;
5. Searching protocol dissector.

As result of exploitation there are two kinds DoS: crash or consume excessive CPU resources.

Wireshark versions earlier than 1.12.7

Update to the latest version
Get Wireshark