CVE-2010-3133

Untrusted search path vulnerability in Wireshark 0.8.4 through 1.0.15 and 1.2.0 through 1.2.10 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse airpcap.dll, and possibly other DLLs, that is located in the same folder as a file that automatically launches Wireshark.

Affected Software

Name	Vendor	Start Version	End Version
Wireshark	Wireshark	0.99.8	0.99.8
Wireshark	Wireshark	1.2.7	1.2.7
Wireshark	Wireshark	0.99.3	0.99.3
Wireshark	Wireshark	1.0.9	1.0.9
Wireshark	Wireshark	*	1.2.10
Wireshark	Wireshark	1.2.6	1.2.6
Wireshark	Wireshark	1.2.8	1.2.8
Wireshark	Wireshark	1.0.1	1.0.1
Wireshark	Wireshark	1.2.0	1.2.0
Wireshark	Wireshark	1.2.3	1.2.3
Wireshark	Wireshark	0.99.6	0.99.6
Wireshark	Wireshark	1.0.2	1.0.2
Wireshark	Wireshark	0.99.2	0.99.2
Wireshark	Wireshark	1.0.4	1.0.4
Wireshark	Wireshark	1.0.3	1.0.3
Wireshark	Wireshark	1.0.6	1.0.6
Wireshark	Wireshark	1.0.10	1.0.10
Wireshark	Wireshark	1.2.5	1.2.5
Wireshark	Wireshark	1.2.1	1.2.1
Wireshark	Wireshark	1.0.12	1.0.12
Wireshark	Wireshark	1.0.8	1.0.8
Wireshark	Wireshark	1.0.5	1.0.5
Wireshark	Wireshark	1.2.4	1.2.4
Wireshark	Wireshark	0.99.5	0.99.5
Wireshark	Wireshark	1.2.9	1.2.9
Wireshark	Wireshark	1.2.2	1.2.2
Wireshark	Wireshark	0.99.4	0.99.4
Wireshark	Wireshark	1.0.0	1.0.0
Wireshark	Wireshark	1.0.11	1.0.11
Wireshark	Wireshark	0.99.7	0.99.7
Wireshark	Wireshark	1.0.7	1.0.7

NVD	https://nvd.nist.gov/vuln/detail/CVE-2010-3133
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html

Affected Software

References