Red Hat Bugzilla – Bug 697741
CVE-2011-1590 Wireshark: Use-after-free causes heap-based buffer overflow in X.509if dissector
Last modified: 2016-03-04 07:01:52 EST
A Use-after-free flaw causing a heap-based buffer overflow was found in the
X.509if dissector of Wireshark 1.2.0 to 1.2.15 and 1.4.0 to 1.4.4.
A remote attacker could use this flaw to cause wireshark executable
to crash or, potentially, execute arbitrary code with the privileges
of the user running wireshark.
Created wireshark tracking bugs for this issue
Affects: fedora-all [bug 697747]
This issue was addressed in Fedora 14 and Fedora 15 via:
This issue has been addressed in following products:
Red Hat Enterprise Linux 6
Via RHSA-2012:0509 https://rhn.redhat.com/errata/RHSA-2012-0509.html
This issue does not affect the version of wireshark package as shipped with Red Hat Enterprise Linux 4 and 5. This issue was fixed in Red Hat Enterprise Linux 6 via RHSA-2012:0509.