Candidate: CVE-2012-4292
PublicDate: 2012-08-16 10:38:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4292
 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7569
 http://www.wireshark.org/security/wnpa-sec-2012-21.html
 http://anonsvn.wireshark.org/viewvc?view=revision&revision=44380
 http://anonsvn.wireshark.org/viewvc?view=revision&revision=44366
 http://anonsvn.wireshark.org/viewvc/trunk/epan/emem.c?r1=44380&r2=44379&pathrev=44380
 http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-stun.c?r1=44366&r2=44365&pathrev=44366
Description:
 The dissect_stun_message function in epan/dissectors/packet-stun.c in the
 STUN dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and
 1.8.x before 1.8.2 does not properly interact with key-destruction behavior
 in a certain tree library, which allows remote attackers to cause a denial
 of service (application crash) via a malformed packet.
Ubuntu-Description:
Notes:
Bugs:
Priority: low
Discovered-by:
Assigned-to:
CVSS: 

Patches_wireshark:
upstream_wireshark: released (1.4.15, 1.6.10, 1.8.2)
hardy_wireshark: ignored (reached end-of-life)
lucid_wireshark: not-affected (1.2.7-1)
natty_wireshark: ignored (reached end-of-life)
oneiric_wireshark: ignored (reached end-of-life)
precise_wireshark: ignored (reached end-of-life)
precise/esm_wireshark: DNE (precise was needed)
quantal_wireshark: ignored (reached end-of-life)
raring_wireshark: ignored (reached end-of-life)
saucy_wireshark: ignored (reached end-of-life)
trusty_wireshark: not-affected (1.10.6-1)
trusty/esm_wireshark: not-affected (1.10.6-1)
utopic_wireshark: not-affected (1.12.0+git+4fab41a1-1)
vivid_wireshark: not-affected (1.12.1+g01b65bf-2)
vivid/stable-phone-overlay_wireshark: DNE
vivid/ubuntu-core_wireshark: DNE
wily_wireshark: not-affected (1.12.1+g01b65bf-2)
xenial_wireshark: not-affected (1.12.1+g01b65bf-2)
yakkety_wireshark: not-affected (1.12.1+g01b65bf-2)
zesty_wireshark: not-affected (1.12.1+g01b65bf-2)
devel_wireshark: not-affected (1.12.1+g01b65bf-2)