CVE-2010-3133

Wireshark <1.2.10 - RCE

Title source: llm

Description

Untrusted search path vulnerability in Wireshark 0.8.4 through 1.0.15 and 1.2.0 through 1.2.10 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse airpcap.dll, and possibly other DLLs, that is located in the same folder as a file that automatically launches Wireshark.

Exploits (1)

exploitdb WORKING POC VERIFIED

by TheLeader · clocalwindows

https://www.exploit-db.com/exploits/14721

View Code ZIP pw:eip

References (7)

[Vendor Advisory] http://secunia.com/advisories/41064

[Exploit] http://www.exploit-db.com/exploits/14721/

[Vendor Advisory] http://www.vupen.com/english/advisories/2010/2165

[Vendor Advisory] http://www.wireshark.org/security/wnpa-sec-2010-09.html

[Vendor Advisory] http://www.wireshark.org/security/wnpa-sec-2010-10.html

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11498

[Third Party Advisory] http://www.vupen.com/english/advisories/2010/2243

Scores

EPSS 0.0044

EPSS Percentile 63.3%

Details

Status published

Products (31)

wireshark/wireshark 0.99.2

wireshark/wireshark 0.99.3

wireshark/wireshark 0.99.4

wireshark/wireshark 0.99.5

wireshark/wireshark 0.99.6

wireshark/wireshark 0.99.7

wireshark/wireshark 0.99.8

wireshark/wireshark 1.0.0

wireshark/wireshark 1.0.1

wireshark/wireshark 1.0.2

... and 21 more

Published Aug 26, 2010

Tracked Since Feb 18, 2026