Chris Benedict

**Name of the Vulnerable Software and Affected Versions** Wireshark versions 1.12.x through 1.12.12 **Description** The issue allows remote attackers to cause a denial of service, resulting in an infinite loop, via a crafted packet. This is related to the MMSE dissector in the epan/dissectors/packet-mmse.c file. **Recommendations** For Wireshark versions 1.12.x through 1.12.12, update to version 1.12.13 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Wireshark versions 1.12.x through 1.12.12 Wireshark versions 2.x through 2.0.4 **Description** The issue allows remote attackers to cause a denial of service, resulting in a divide-by-zero error and application crash, via a crafted packet. This is related to the PacketBB dissector in the epan/dissectors/packet-packetbb.c file. **Recommendations** For Wireshark versions 1.12.x through 1.12.12, update to version 1.12.13 or later. For Wireshark versions 2.x through 2.0.4, update to version 2.0.5 or later.

**Name of the Vulnerable Software and Affected Versions** Wireshark versions 1.12.x through 1.12.12 Wireshark versions 2.x through 2.0.4 **Description** The issue allows remote attackers to cause a denial of service, resulting in an infinite loop, via a crafted packet. This is related to the WSP dissector in the epan/dissectors/packet-wsp.c file. **Recommendations** For Wireshark versions 1.12.x through 1.12.12, update to version 1.12.13 or later. For Wireshark versions 2.x through 2.0.4, update to version 2.0.5 or later.

**Name of the Vulnerable Software and Affected Versions** Wireshark versions 1.12.x through 1.12.10 **Description** The issue is a stack-based buffer overflow in the NCP dissector, which can be triggered by a long string in a packet, potentially causing a denial of service or other unspecified impacts. **Recommendations** For Wireshark versions 1.12.x through 1.12.10, update to version 1.12.11 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Wireshark versions 1.12.x through 1.12.11 **Description** The issue is related to the WBXML dissector in Wireshark, where it mishandles offsets. This can be exploited by remote attackers to cause a denial of service through an integer overflow and infinite loop by sending a crafted packet. **Recommendations** For Wireshark versions 1.12.x through 1.12.11, update to version 1.12.12 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Wireshark versions 1.12.x through 1.12.12 **Description** The issue is related to the NDS dissector in Wireshark, where the `epan/dissectors/packet-ncp2222.inc` file does not properly maintain a ptvc data structure. This allows remote attackers to cause a denial of service, resulting in a NULL pointer dereference and application crash, via a crafted packet. **Recommendations** For Wireshark versions 1.12.x through 1.12.12, update to version 1.12.13 or later to resolve the issue.