Heap-based buffer overflow in wiretap/pcapng.c in Wireshark before 1.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted capture file.
http://secunia.com/advisories/43821
http://www.redhat.com/support/errata/RHSA-2011-0370.html