CVE-2010-3133

Name of the Vulnerable Software and Affected Versions Wireshark versions 0.8.4 through 1.0.15 Wireshark versions 1.2.0 through 1.2.10

Description The issue allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse airpcap.dll, and possibly other DLLs, that is located in the same folder as a file that automatically launches Wireshark.

Recommendations For Wireshark versions 0.8.4 through 1.0.15, consider disabling the automatic launch of Wireshark from files in untrusted folders to minimize the risk of exploitation. For Wireshark versions 1.2.0 through 1.2.10, restrict access to the airpcap.dll and other potentially vulnerable DLLs to prevent DLL hijacking attacks until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.