Wireshark-bugs: [Wireshark-bugs] [Bug 6747] New: Wireshark affected by Windows GTK String Handli

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: bugzilla-daemon@xxxxxxxxxxxxx
Date: Wed, 18 Jan 2012 07:12:51 -0800 (PST)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6747

           Summary: Wireshark affected by Windows GTK String Handling
                    Crash
           Product: Wireshark
           Version: unspecified
          Platform: All
        OS/Version: Windows 7
            Status: NEW
          Severity: Critical
          Priority: Low
         Component: Wireshark
        AssignedTo: bugzilla-admin@xxxxxxxxxxxxx
        ReportedBy: armin.ronacher@xxxxxxxxxxxx


Build Information:
Version 1.6.5 (SVN Rev 40429 from /trunk-1.6)
--
Wireshark is affected by the GTK utf-8 string handling bug that crashes the
application (https://bugzilla.gnome.org/show_bug.cgi?id=668154)

To crash wireshark just copy/paste the string in question into the filter input
field and hit "apply".

I am not sure if it's remotely exploitable and in lack of debug symbols for GTK
I am left guessing what it actually is.  I would assume it's a buffer overflow
but I can't say for sure.

Considering Wireshark shows potentially untrusted data I think it might be
worth an investigation.

-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.