Florent Drouin

**Name of the Vulnerable Software and Affected Versions** Wireshark versions 0.99.2 through 1.0.3 **Description** The issue allows remote attackers to cause a denial of service, resulting in an application crash or abort, by sending a packet with an invalid length. This is related to an erroneous `tvb memcpy` call in the `dissect btacl` function within the Bluetooth ACL dissector. **Recommendations** For Wireshark versions 0.99.2 through 1.0.3, consider updating to a version where this issue is fixed, as using a packet with an invalid length could cause the application to crash. At the moment, there is no information about a newer version that contains a fix for this vulnerability.