Version 1.4.11 and 1.6.5 of the open source Wireshark network protocol analyzer were recently released.
"The maintenance and security updates to the cross-platform tool fix several vulnerabilities that could be exploited by an attacker to cause a denial-of-service (DoS) or compromise a victim's system," The H Security reports.
"The vulnerabilities include a NULL pointer deference error when displaying packet information, issues in the file parser that cause Wireshark to fail to properly check record sizes for a number of packet capture formats, and an RLC dissector buffer overflow bug," the article states.
Go to "Wireshark 1.4.x and 1.6.x updates close security holes" to read the details.
For regular security news updates, follow eSecurityPlanet on Twitter: @eSecurityP.