Vulnerability Details CVE-2007-5756
Multiple array index errors in the bpf_filter_init function in NPF.SYS in WinPcap before 4.0.2, when run in monitor mode (aka Table Management Extensions or TME), and as used in Wireshark and possibly other products, allow local users to gain privileges via crafted IOCTL requests.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 12.0%
CVSS Severity
CVSS v2 Score 6.9
References
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=625
- http://secunia.com/advisories/27676
- http://www.securityfocus.com/bid/26409
- http://www.securitytracker.com/id?1018935
- http://www.vupen.com/english/advisories/2007/3835
- http://www.winpcap.org/misc/changelog.htm
- https://exchange.xforce.ibmcloud.com/vulnerabilities/38433
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=625
- http://secunia.com/advisories/27676
- http://www.securityfocus.com/bid/26409
- http://www.securitytracker.com/id?1018935
- http://www.vupen.com/english/advisories/2007/3835
- http://www.winpcap.org/misc/changelog.htm
- https://exchange.xforce.ibmcloud.com/vulnerabilities/38433
Products affected by CVE-2007-5756
-
cpe:2.3:a:winpcap:winpcap:1.0
-
cpe:2.3:a:winpcap:winpcap:2.0
-
cpe:2.3:a:winpcap:winpcap:2.02
-
cpe:2.3:a:winpcap:winpcap:2.1
-
cpe:2.3:a:winpcap:winpcap:2.2
-
cpe:2.3:a:winpcap:winpcap:2.3
-
cpe:2.3:a:winpcap:winpcap:3.0
-
cpe:2.3:a:winpcap:winpcap:3.01
-
cpe:2.3:a:winpcap:winpcap:3.1
-
cpe:2.3:a:winpcap:winpcap:3.1.0.27
-
cpe:2.3:a:winpcap:winpcap:3.1_beta4
-
cpe:2.3:a:winpcap:winpcap:3.2
-
cpe:2.3:a:winpcap:winpcap:4.0
-
cpe:2.3:a:winpcap:winpcap:4.0.0.1040
-
cpe:2.3:a:winpcap:winpcap:4.0.1