CVE-2012-4298

Name of the Vulnerable Software and Affected Versions Wireshark versions 1.8.0 through 1.8.1

Description The issue is related to an integer signedness error in the vwr read rec data ethernet function, which can lead to a buffer overflow when processing a crafted packet-trace file. This can allow user-assisted remote attackers to execute arbitrary code.

Recommendations For Wireshark versions 1.8.0 through 1.8.1, update to version 1.8.2 or later to resolve the issue. As a temporary workaround, consider avoiding the use of the Ixia IxVeriWave file parser until a patch is applied.