CVE-2008-3146

Description

Multiple buffer overflows in packet_ncp2222.inc in Wireshark (formerly Ethereal) 0.9.7 through 1.0.2 allow attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted NCP packet that causes an invalid pointer to be used.

Software From Fixed in
wireshark / wireshark 0.9.7 0.9.7.x
wireshark / wireshark 0.9.8 0.9.8.x
wireshark / wireshark 0.99 0.99.x
wireshark / wireshark 0.99.0 0.99.0.x
wireshark / wireshark 0.99.1 0.99.1.x
wireshark / wireshark 0.99.2 0.99.2.x
wireshark / wireshark 0.99.3 0.99.3.x
wireshark / wireshark 0.99.4 0.99.4.x
wireshark / wireshark 0.99.5 0.99.5.x
wireshark / wireshark 0.99.6 0.99.6.x
wireshark / wireshark 0.99.6a 0.99.6a.x
wireshark / wireshark 0.99.7 0.99.7.x
wireshark / wireshark 0.99.8 0.99.8.x
wireshark / wireshark 1.0 1.0.x
wireshark / wireshark 1.0.0 1.0.0.x
wireshark / wireshark 1.0.1 1.0.1.x
wireshark / wireshark 1.0.2 1.0.2.x