The SnifferDecompress function in wiretap/ngsniffer.c in the DOS Sniffer file parser in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 does not properly handle empty input data, which allows remote attackers to cause a denial of service (application crash) via a crafted file.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "libwiretap-dev-dbgsym": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "libwsutil-dev-dbgsym": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "wireshark-dev": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "wireshark-dev-dbgsym": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "wireshark-dbg": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "wireshark-doc": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "libwsutil4": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "libwireshark5-dbgsym": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "wireshark-dbgsym": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "libwiretap-dev": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "libwsutil-dev": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "tshark": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "libwireshark-dev": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "tshark-dbgsym": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "wireshark-common-dbgsym": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "wireshark-qt": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "libwireshark-dev-dbgsym": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "wireshark": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "wireshark-common": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "libwsutil4-dbgsym": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "libwiretap4-dbgsym": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "libwireshark-data": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "libwireshark5": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "libwiretap4": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1", "wireshark-qt-dbgsym": "1.12.1+g01b65bf-4+deb8u11ubuntu0.14.04.1" } ] }