CVE-2010-3133

EUVD-2010-3133
Untrusted search path vulnerability in Wireshark 0.8.4 through 1.0.15 and 1.2.0 through 1.2.10 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse airpcap.dll, and possibly other DLLs, that is located in the same folder as a file that automatically launches Wireshark.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 62%
Affected Products (NVD)
VendorProductVersion
wiresharkwireshark
𝑥
≤ 1.2.10
wiresharkwireshark
0.99.2
wiresharkwireshark
0.99.3
wiresharkwireshark
0.99.4
wiresharkwireshark
0.99.5
wiresharkwireshark
0.99.6
wiresharkwireshark
0.99.7
wiresharkwireshark
0.99.8
wiresharkwireshark
1.0.0
wiresharkwireshark
1.0.1
wiresharkwireshark
1.0.2
wiresharkwireshark
1.0.3
wiresharkwireshark
1.0.4
wiresharkwireshark
1.0.5
wiresharkwireshark
1.0.6
wiresharkwireshark
1.0.7
wiresharkwireshark
1.0.8
wiresharkwireshark
1.0.9
wiresharkwireshark
1.0.10
wiresharkwireshark
1.0.11
wiresharkwireshark
1.0.12
wiresharkwireshark
1.2.0
wiresharkwireshark
1.2.1
wiresharkwireshark
1.2.2
wiresharkwireshark
1.2.3
wiresharkwireshark
1.2.4
wiresharkwireshark
1.2.5
wiresharkwireshark
1.2.6
wiresharkwireshark
1.2.7
wiresharkwireshark
1.2.8
wiresharkwireshark
1.2.9
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
wireshark
bookworm
4.0.11-1~deb12u1
fixed
bookworm (security)
4.0.11-1~deb12u1
fixed
bullseye
3.4.10-0+deb11u1
fixed
bullseye (security)
3.4.16-0+deb11u1
fixed
sid
4.4.1-1
fixed
trixie
4.4.0-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
wireshark
dapper
dne
hardy
not-affected
karmic
not-affected
lucid
not-affected
maverick
not-affected
References
http://secunia.com/advisories/41064
http://www.exploit-db.com/exploits/14721/
http://www.vupen.com/english/advisories/2010/2165
http://www.vupen.com/english/advisories/2010/2243
http://www.wireshark.org/security/wnpa-sec-2010-09.html
http://www.wireshark.org/security/wnpa-sec-2010-10.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11498
http://secunia.com/advisories/41064
http://www.exploit-db.com/exploits/14721/
http://www.vupen.com/english/advisories/2010/2165
http://www.vupen.com/english/advisories/2010/2243
http://www.wireshark.org/security/wnpa-sec-2010-09.html
http://www.wireshark.org/security/wnpa-sec-2010-10.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11498