Multiple buffer overflows in packet_ncp2222.inc in Wireshark (formerly Ethereal) 0.9.7 through 1.0.2 allow attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted NCP packet that causes an invalid pointer to be used.
Software | From | Fixed in |
---|---|---|
wireshark / wireshark | 0.9.7 | 0.9.7.x |
wireshark / wireshark | 0.9.8 | 0.9.8.x |
wireshark / wireshark | 0.99 | 0.99.x |
wireshark / wireshark | 0.99.0 | 0.99.0.x |
wireshark / wireshark | 0.99.1 | 0.99.1.x |
wireshark / wireshark | 0.99.2 | 0.99.2.x |
wireshark / wireshark | 0.99.3 | 0.99.3.x |
wireshark / wireshark | 0.99.4 | 0.99.4.x |
wireshark / wireshark | 0.99.5 | 0.99.5.x |
wireshark / wireshark | 0.99.6 | 0.99.6.x |
wireshark / wireshark | 0.99.6a | 0.99.6a.x |
wireshark / wireshark | 0.99.7 | 0.99.7.x |
wireshark / wireshark | 0.99.8 | 0.99.8.x |
wireshark / wireshark | 1.0 | 1.0.x |
wireshark / wireshark | 1.0.0 | 1.0.0.x |
wireshark / wireshark | 1.0.1 | 1.0.1.x |
wireshark / wireshark | 1.0.2 | 1.0.2.x |