CVE-2010-3133
Description
Untrusted search path vulnerability in Wireshark 0.8.4 through 1.0.15 and 1.2.0 through 1.2.10 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse airpcap.dll, and possibly other DLLs, that is located in the same folder as a file that automatically launches Wireshark.
Risk Information
Base Score
7.8
MODERATE
Vector
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.441
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2010-3133 are fixed in Wireshark x64 1.0.16 | Windows |
| Vulnerabilities CVE-2010-3133 are fixed in Wireshark x64 1.2.11 | Windows |
| Vulnerability CVE-2010-3133 are affected in Wireshark (X64) 1.2.10 | Windows |
| Vulnerabilities CVE-2010-3133 are fixed in Wireshark for Mac 1.2.11 | Mac |
| Vulnerabilities CVE-2010-3133 are fixed in Wireshark for Mac 1.0.16 | Mac |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-338541 | Wireshark (3.6.24) |
| PATCH-338541 | Wireshark (3.6.24) |
| PATCH-343288 | Wireshark (X64) (4.4.2) |
| PATCH-612949 | WireShark for Mac (4.6.2) |
| PATCH-612949 | WireShark for Mac (4.6.2) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234