PT-2008-1019 · Wireshark+1

Published: 2008-04-16 · Updated: 2023-02-13 · CVE-2009-3550

CVSS v2.0: 9.3 (High)

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Wireshark versions 0.10.10 through 1.0.9
Wireshark versions 1.2.0 through 1.2.2

Description

The issue allows remote attackers to cause a denial of service, leading to a disruption in the confidentiality, integrity, and availability of protected information. It is triggered by a file that records a malformed packet trace, which results in a NULL pointer dereference and an application crash.

Recommendations

For Wireshark versions 0.10.10 through 1.0.9 and versions 1.2.0 through 1.2.2, update to a version outside of the affected range to resolve the issue. As a temporary workaround, consider restricting access to the DCERPC/NT dissector in Wireshark until a patch is available.

Exploit

Fix

Weakness Enumeration

Related Identifiers

BDU:2015-01453
CVE-2009-3550
DSA-1942-1
RHSA-2010:0360
RHSA-2010_0360

Affected Products

Red Hat
Wireshark