9.3

CVE-2010-3133

Exploit
Untrusted search path vulnerability in Wireshark 0.8.4 through 1.0.15 and 1.2.0 through 1.2.10 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse airpcap.dll, and possibly other DLLs, that is located in the same folder as a file that automatically launches Wireshark.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
WiresharkWireshark Version <= 1.2.10
WiresharkWireshark Version0.99.2
WiresharkWireshark Version0.99.3
WiresharkWireshark Version0.99.4
WiresharkWireshark Version0.99.5
WiresharkWireshark Version0.99.6
WiresharkWireshark Version0.99.7
WiresharkWireshark Version0.99.8
WiresharkWireshark Version1.0.0
WiresharkWireshark Version1.0.1
WiresharkWireshark Version1.0.2
WiresharkWireshark Version1.0.3
WiresharkWireshark Version1.0.4
WiresharkWireshark Version1.0.5
WiresharkWireshark Version1.0.6
WiresharkWireshark Version1.0.7
WiresharkWireshark Version1.0.8
WiresharkWireshark Version1.0.9
WiresharkWireshark Version1.0.10
WiresharkWireshark Version1.0.11
WiresharkWireshark Version1.0.12
WiresharkWireshark Version1.2.0
WiresharkWireshark Version1.2.1
WiresharkWireshark Version1.2.2
WiresharkWireshark Version1.2.3
WiresharkWireshark Version1.2.4
WiresharkWireshark Version1.2.5
WiresharkWireshark Version1.2.6
WiresharkWireshark Version1.2.7
WiresharkWireshark Version1.2.8
WiresharkWireshark Version1.2.9
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 8.62% 0.944
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/41064
Vendor Advisory
http://www.exploit-db.com/exploits/14721/
Exploit
http://www.vupen.com/english/advisories/2010/2165
Vendor Advisory
http://www.vupen.com/english/advisories/2010/2243
http://www.wireshark.org/security/wnpa-sec-2010-09.html
Vendor Advisory
http://www.wireshark.org/security/wnpa-sec-2010-10.html
Vendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11498