CVE-2017-9616 Wireshark Multiple Stack Exhaustion Vulnerabilities

Wireshark is a network protocol analyzer available for multiple operating systems. It lets you capture and interactively browse the traffic running on a computer network.

Multiple vulnerabilities were reported in Wireshark. A remote user can cause denial of service conditions on the target system.
Overly deep mp4 chunks may cause stack exhaustion (uncontrolled recursion) in the dissect_mp4_box function. (CVE-2017-9616)
Deeply nested DAAP data may cause stack exhaustion (uncontrolled recursion) in the dissect_daap_one_tag function.(CVE-2017-9617)

Affected Versions:
Wireshark 2.2.7

QID Detection Logic (authenticated):
The QID checks for vulnerable version of "wireshark.exe". The location of the file is determined by the registry key "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wireshark" value "UninstallString".

Successful exploitation of the vulnerability will cause disruption of Service.

Currently there is no fix released by the vendor.