๐ Wireshark 1.6.0 up to 1.8.7 HTTP Dissector packet-http.c http_payload_subdissector Crafted Packet memory corruption
๐ก Newskategorie: Sicherheitslรผcken
๐ Quelle: vuldb.com
A vulnerability has been found in Wireshark (Packet Analyzer Software) and classified as critical. This vulnerability affects the function http_payload_subdissector
of the file packet-http.c of the component HTTP Dissector. Upgrading to version 1.6.16 or 1.8.8 eliminates this vulnerability. The upgrade is hosted for download at wireshark.org. Applying a patch is able to eliminate this problem. The bugfix is ready for download at anonsvn.wireshark.org. The best possible mitigation is suggested to be upgrading to the latest version. A possible mitigation has been published 2 weeks after the disclosure of the vulnerability. ...