wnpa-sec-2016-01 · DLL hijacking vulnerability in Wireshark
Summary
Name: DLL hijacking vulnerability in Wireshark
Docid: wnpa-sec-2016-01
Date: February 26, 2016
Affected versions: 2.0.0 to 2.0.1, 1.12.0 to 1.12.9
Fixed versions: 2.0.2, 1.12.10
References:
CVE-2016-2521.
Details
Description
Wireshark is vulnerable to DLL hijacking as described in Microsoft Security Advisory 2269637. Discovered by Behzad Najjarpour Jabbari, Secunia Research at Flexera Software.
Impact
It may be possible to make Wireshark to run hostile code by placing a specially-coded DLL in the same directory as a capture file.
Resolution
Upgrade to Wireshark 2.0.2, 1.12.10 or later.