The AirPDcapPacketProcess function in epan/crypt/airpdcap.c in the 802.11 dissector in Wireshark 1.12.x prior to 1.12.9 and 2.0.x prior to 2.0.1 does not validate the relationship between the total length and the capture length, which allows remote malicious users to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
wireshark wireshark 1.12.4 |
||
wireshark wireshark 1.12.5 |
||
wireshark wireshark 1.12.0 |
||
wireshark wireshark 1.12.2 |
||
wireshark wireshark 1.12.1 |
||
wireshark wireshark 1.12.7 |
||
wireshark wireshark 1.12.6 |
||
wireshark wireshark 1.12.3 |
||
wireshark wireshark 1.12.8 |