9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
7.4 High
AI Score
Confidence
Low
0.017 Low
EPSS
Percentile
87.8%
Untrusted search path vulnerability in Wireshark 0.8.4 through 1.0.15 and 1.2.0 through 1.2.10 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse airpcap.dll, and possibly other DLLs, that is located in the same folder as a file that automatically launches Wireshark.
secunia.com/advisories/41064
www.exploit-db.com/exploits/14721/
www.vupen.com/english/advisories/2010/2165
www.vupen.com/english/advisories/2010/2243
www.wireshark.org/security/wnpa-sec-2010-09.html
www.wireshark.org/security/wnpa-sec-2010-10.html
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11498