Name: Vulnerabilities in Wireshark
Date: July 29, 2010
Versions affected: 0.10.8 up to and including 1.0.14
Related: wnpa-sec-2010-08 (Multiple vulnerbilities in Wireshark
Wireshark 1.0.15 fixes the following vulnerabilities:
It may be possible to make Wireshark crash, hang, or execute code by injecting a series of malformed packets onto the wire or by convincing someone to read a malformed packet trace file.
Upgrade to Wireshark 1.0.15 or later. Due to the nature of these bugs we do not recommend trying to work around the problem by disabling dissectors.