CVE-2011-4100

Name of the Vulnerable Software and Affected Versions Wireshark versions 1.6.x through 1.6.2

Description The issue is related to the csnStreamDissector function in the CSN.1 dissector, which does not initialize a certain variable. This allows remote attackers to cause a denial of service, resulting in an application crash, via a malformed packet.

Recommendations For Wireshark versions 1.6.x through 1.6.2, update to version 1.6.3 or later to resolve the issue. As a temporary workaround, consider restricting the use of the CSN.1 dissector to minimize the risk of exploitation.