Candidate: CVE-2012-1596
PublicDate: 2012-04-11 10:39:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1596
 http://www.openwall.com/lists/oss-security/2012/03/28
 http://www.wireshark.org/security/wnpa-sec-2012-07.html
Description:
 The mp2t_process_fragmented_payload function in
 epan/dissectors/packet-mp2t.c in the MP2T dissector in Wireshark 1.4.x
 before 1.4.12 and 1.6.x before 1.6.6 allows remote attackers to cause a
 denial of service (application crash) via a packet containing an invalid
 pointer value that triggers an incorrect memory-allocation attempt.
Ubuntu-Description:
Notes:
 tyhicks> Versions affected: 1.4.0 to 1.4.11, 1.6.0 to 1.6.5 
Bugs:
 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6833
Priority: negligible
Discovered-by:
Assigned-to:
CVSS: 

Patches_wireshark:
 upstream: http://anonsvn.wireshark.org/viewvc?view=revision&revision=40978 (maybe)
upstream_wireshark: released (1.4.12, 1.6.6)
hardy_wireshark: not-affected
lucid_wireshark: not-affected
maverick_wireshark: not-affected
natty_wireshark: ignored (reached end-of-life)
oneiric_wireshark: ignored (reached end-of-life)
precise_wireshark: not-affected (1.6.6-1)
quantal_wireshark: not-affected (1.6.6-1)
raring_wireshark: not-affected (1.6.6-1)
devel_wireshark: not-affected (1.6.6-1)