CVE-2010-3133 Information

Description

Untrusted search path vulnerability in Wireshark 0.8.4 through 1.0.15 and 1.2.0 through 1.2.10 allows local users and possibly remote attackers to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse airpcap.dll and possibly other DLLs that is located in the same folder as a file that automatically launches Wireshark.

Reference

http://secunia.com/advisories/41064 http://www.exploit-db.com/exploits/14721/ http://www.vupen.com/english/advisories/2010/2165 http://www.vupen.com/english/advisories/2010/2243 http://www.wireshark.org/security/wnpa-sec-2010-09.html http://www.wireshark.org/security/wnpa-sec-2010-10.html https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A11498