Candidate: CVE-2011-2174
PublicDate: 2011-06-06 19:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2174
 http://www.wireshark.org/security/wnpa-sec-2011-07.html
 http://www.wireshark.org/security/wnpa-sec-2011-08.html
Description:
 Double free vulnerability in the tvb_uncompress function in epan/tvbuff.c
 in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 allows remote
 attackers to cause a denial of service (application crash) via a packet
 with malformed data that uses zlib compression.
Ubuntu-Description:
Notes:
Bugs:
 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5908
 https://bugzilla.redhat.com/show_bug.cgi?id=710097
Priority: low
Discovered-by:
Assigned-to:
CVSS: 

Patches_wireshark:
 upstream: http://anonsvn.wireshark.org/viewvc?view=revision&revision=37081
upstream_wireshark: released (1.4.7)
hardy_wireshark: ignored (reached end-of-life)
lucid_wireshark: ignored (reached end-of-life)
maverick_wireshark: released (1.2.11-6+squeeze2build0.10.10.1)
natty_wireshark: ignored (reached end-of-life)
oneiric_wireshark: not-affected (1.6.0-1)
precise_wireshark: not-affected (1.6.0-1)
quantal_wireshark: not-affected (1.6.0-1)
raring_wireshark: not-affected (1.6.0-1)
saucy_wireshark: not-affected (1.6.0-1)
devel_wireshark: not-affected (1.6.0-1)