Karol Rosłaniec

**Name of the Vulnerable Software and Affected Versions** Wireshark versions 1.12.x through 1.12.8 Wireshark versions 2.0.x through 2.0.0 **Description** The issue is related to the NBAP dissector in Wireshark, where conversation data is not properly validated. This allows remote attackers to cause a denial of service, resulting in a NULL pointer dereference and application crash, via a crafted packet. **Recommendations** For Wireshark versions 1.12.x through 1.12.8, update to version 1.12.9 or later. For Wireshark versions 2.0.x through 2.0.0, update to version 2.0.1 or later.

**Name of the Vulnerable Software and Affected Versions** Wireshark versions 1.12.x through 1.12.8 **Description** The issue is related to the dissect hsdsch channel info function in the UMTS FP dissector, which does not validate the number of PDUs. This allows remote attackers to cause a denial of service, resulting in an application crash, via a crafted packet. **Recommendations** For Wireshark versions 1.12.x through 1.12.8, update to version 1.12.9 or later to resolve the issue.