It was reported that Wireshark's MPEG file parser could overflow a buffer. It may be possible to make Wireshark crash or execute malicious code by convincing someone to read a malformed packet trace file. This is reported to affect Wireshark versions 1.10.0 to 1.10.5 and 1.8.0 to 1.8.12. It is fixed in 1.10.6 and 1.8.13. https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9843 External References: http://www.wireshark.org/security/wnpa-sec-2014-04.html
Created wireshark tracking bugs for this issue: Affects: fedora-all [bug 1074118]
This issue has been addressed in following products: Red Hat Enterprise Linux 6 Via RHSA-2014:0342 https://rhn.redhat.com/errata/RHSA-2014-0342.html
This issue has been addressed in following products: Red Hat Enterprise Linux 5 Via RHSA-2014:0341 https://rhn.redhat.com/errata/RHSA-2014-0341.html