epan/dissectors/packet-wbxml.c in the WBXML dissector in Wireshark 2.x before 2.0.5 does not restrict the recursion depth, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12663
http://www.wireshark.org/security/wnpa-sec-2016-49.html