CVE-2012-0068

Name of the Vulnerable Software and Affected Versions Wireshark versions 1.4.x through 1.4.10 Wireshark versions 1.6.x through 1.6.4

Description The issue allows remote attackers to cause a denial of service, resulting in an application crash. This can be achieved by providing a Novell capture file that contains a record which is too small. The estimated number of potentially affected devices worldwide is not specified. There is no information available about real-world incidents where this issue was exploited.

Recommendations For Wireshark versions 1.4.x through 1.4.10, update to version 1.4.11 or later. For Wireshark versions 1.6.x through 1.6.4, update to version 1.6.5 or later. As a temporary workaround, consider avoiding the use of Novell capture files until a patch is applied.