Candidate: CVE-2011-4102
PublicDate: 2011-11-03 15:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4102
 http://www.wireshark.org/security/wnpa-sec-2011-19.html
Description:
 Heap-based buffer overflow in the erf_read_header function in wiretap/erf.c
 in the ERF file parser in Wireshark 1.4.0 through 1.4.9 and 1.6.x before
 1.6.3 allows remote attackers to cause a denial of service (application
 crash) via a malformed file.
Ubuntu-Description:
Notes:
Bugs:
 https://bugzilla.redhat.com/show_bug.cgi?id=750648
 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6479
Priority: low
Discovered-by:
Assigned-to:
CVSS: 

Patches_wireshark:
 upstream: http://anonsvn.wireshark.org/viewvc?view=revision&revision=39508
upstream_wireshark: released (1.6.3)
hardy_wireshark: ignored (reached end-of-life)
lucid_wireshark: ignored (reached end-of-life)
maverick_wireshark: released (1.2.11-6+squeeze5build0.10.10.1)
natty_wireshark: ignored (reached end-of-life)
oneiric_wireshark: ignored (reached end-of-life)
precise_wireshark: not-affected (1.6.3-1)
quantal_wireshark: not-affected (1.6.3-1)
raring_wireshark: not-affected (1.6.3-1)
saucy_wireshark: not-affected (1.6.3-1)
devel_wireshark: not-affected (1.6.3-1)