Buffer overflow vulnerability in Wireshark

by George Chetcuti [Published on 11 March 2014 / Last Updated on 11 March 2014]

Wesley Neelen from Hoffmann Investigations discovered an MPEG file parser buffer overflow in Wireshark.

It may be possible to make Wireshark crash or execute malicious code by convincing someone to read a malformed packet trace file. The latest version of Wireshark (1.8.13) is not vulnerable to these issues, therefore it is recommended to upgrade to versions 1.10.6, 1.8.13 or later.

Read the Security Advisory here - http://www.wireshark.org/security/wnpa-sec-2014-04.html

Add Review or Comment

See Also

Featured Links