wireshark is vulnerable to arbitrary code execution. The vulnerability exists as multiple buffer overflow flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malformed dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark.
lists.opensuse.org/opensuse-security-announce/2009-03/msg00000.html
osvdb.org/51815
secunia.com/advisories/33872
secunia.com/advisories/34144
secunia.com/advisories/34264
secunia.com/advisories/34344
support.avaya.com/elmodocs2/security/ASA-2009-082.htm
wiki.rpath.com/Advisories:rPSA-2009-0040
www.redhat.com/security/updates/classification/#important
www.redhat.com/support/errata/RHSA-2009-0313.html
www.securityfocus.com/archive/1/501763/100/0/threaded
www.securityfocus.com/bid/33690
www.securitytracker.com/id?1021697
www.vupen.com/english/advisories/2009/0370
www.wireshark.org/security/wnpa-sec-2009-01.html
access.redhat.com/errata/RHSA-2009:0313
bugs.wireshark.org/bugzilla/attachment.cgi?id=2590
issues.rpath.com/browse/RPL-2984
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14732
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9677
www.redhat.com/archives/fedora-package-announce/2009-March/msg00652.html