CVE-2007-5756

Multiple array index errors in the bpf_filter_init function in NPF.SYS in WinPcap before 4.0.2, when run in monitor mode (aka Table Management Extensions or TME), and as used in Wireshark and possibly other products, allow local users to gain privileges via crafted IOCTL requests.
Configurations

Configuration 1 (hide)

cpe:2.3:a:winpcap:winpcap:*:*:*:*:*:*:*:*

History

09 Feb 2024, 03:13

Type Values Removed Values Added
CWE CWE-119 CWE-129
CPE cpe:2.3:a:winpcap:winpcap:4.0.1:*:*:*:*:*:*:* cpe:2.3:a:winpcap:winpcap:*:*:*:*:*:*:*:*
References (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/38433 - (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/38433 - Third Party Advisory, VDB Entry
References (VUPEN) http://www.vupen.com/english/advisories/2007/3835 - (VUPEN) http://www.vupen.com/english/advisories/2007/3835 - Broken Link
References (SECUNIA) http://secunia.com/advisories/27676 - Patch, Vendor Advisory (SECUNIA) http://secunia.com/advisories/27676 - Broken Link, Patch, Vendor Advisory
References (SECTRACK) http://www.securitytracker.com/id?1018935 - (SECTRACK) http://www.securitytracker.com/id?1018935 - Broken Link, Third Party Advisory, VDB Entry
References (BID) http://www.securityfocus.com/bid/26409 - (BID) http://www.securityfocus.com/bid/26409 - Broken Link, Third Party Advisory, VDB Entry
References (IDEFENSE) http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=625 - (IDEFENSE) http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=625 - Broken Link
References (CONFIRM) http://www.winpcap.org/misc/changelog.htm - (CONFIRM) http://www.winpcap.org/misc/changelog.htm - Release Notes

Information

Published : 2007-11-14 01:46

Updated : 2024-02-28 11:01


NVD link : CVE-2007-5756

Mitre link : CVE-2007-5756

CVE.ORG link : CVE-2007-5756


JSON object : View

Products Affected

winpcap

  • winpcap
CWE
CWE-129

Improper Validation of Array Index