Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    4 vulnerabilities by winpcap

    CVE-2007-5756 (GCVE-0-2007-5756)

    Vulnerability from nvd – Published: 2007-11-14 01:00 – Updated: 2024-08-07 15:39
    VLAI
    Summary
    Multiple array index errors in the bpf_filter_init function in NPF.SYS in WinPcap before 4.0.2, when run in monitor mode (aka Table Management Extensions or TME), and as used in Wireshark and possibly other products, allow local users to gain privileges via crafted IOCTL requests.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://labs.idefense.com/intelligence/vulnerabili… third-party-advisoryx_refsource_IDEFENSE
    http://www.winpcap.org/misc/changelog.htm x_refsource_CONFIRM
    http://www.securitytracker.com/id?1018935 vdb-entryx_refsource_SECTRACK
    http://www.securityfocus.com/bid/26409 vdb-entryx_refsource_BID
    http://secunia.com/advisories/27676 third-party-advisoryx_refsource_SECUNIA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.vupen.com/english/advisories/2007/3835 vdb-entryx_refsource_VUPEN
    Date Public
    2007-11-09 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T15:39:13.725Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20071112 WinPcap NPF.SYS bpf_filter_init Arbitrary Array Indexing Vulnerability",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_IDEFENSE",
                  "x_transferred"
                ],
                "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=625"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.winpcap.org/misc/changelog.htm"
              },
              {
                "name": "1018935",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1018935"
              },
              {
                "name": "26409",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/26409"
              },
              {
                "name": "27676",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/27676"
              },
              {
                "name": "winpcap-bpffilterinit-code-execution(38433)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38433"
              },
              {
                "name": "ADV-2007-3835",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/3835"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-11-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple array index errors in the bpf_filter_init function in NPF.SYS in WinPcap before 4.0.2, when run in monitor mode (aka Table Management Extensions or TME), and as used in Wireshark and possibly other products, allow local users to gain privileges via crafted IOCTL requests."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20071112 WinPcap NPF.SYS bpf_filter_init Arbitrary Array Indexing Vulnerability",
              "tags": [
                "third-party-advisory",
                "x_refsource_IDEFENSE"
              ],
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=625"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.winpcap.org/misc/changelog.htm"
            },
            {
              "name": "1018935",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1018935"
            },
            {
              "name": "26409",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/26409"
            },
            {
              "name": "27676",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/27676"
            },
            {
              "name": "winpcap-bpffilterinit-code-execution(38433)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38433"
            },
            {
              "name": "ADV-2007-3835",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/3835"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-5756",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple array index errors in the bpf_filter_init function in NPF.SYS in WinPcap before 4.0.2, when run in monitor mode (aka Table Management Extensions or TME), and as used in Wireshark and possibly other products, allow local users to gain privileges via crafted IOCTL requests."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20071112 WinPcap NPF.SYS bpf_filter_init Arbitrary Array Indexing Vulnerability",
                  "refsource": "IDEFENSE",
                  "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=625"
                },
                {
                  "name": "http://www.winpcap.org/misc/changelog.htm",
                  "refsource": "CONFIRM",
                  "url": "http://www.winpcap.org/misc/changelog.htm"
                },
                {
                  "name": "1018935",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1018935"
                },
                {
                  "name": "26409",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/26409"
                },
                {
                  "name": "27676",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/27676"
                },
                {
                  "name": "winpcap-bpffilterinit-code-execution(38433)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38433"
                },
                {
                  "name": "ADV-2007-3835",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/3835"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-5756",
        "datePublished": "2007-11-14T01:00:00.000Z",
        "dateReserved": "2007-10-31T00:00:00.000Z",
        "dateUpdated": "2024-08-07T15:39:13.725Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-3681 (GCVE-0-2007-3681)

    Vulnerability from nvd – Published: 2007-07-11 17:00 – Updated: 2024-08-07 14:28
    VLAI
    Summary
    The IOCTL 9031 (BIOCGSTATS) handler in the NPF.SYS device driver in WinPcap before 4.0.1 allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet (Irp) parameters.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://securitytracker.com/id?1018350 vdb-entryx_refsource_SECTRACK
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.winpcap.org/misc/changelog.htm x_refsource_CONFIRM
    https://www.exploit-db.com/exploits/4165 exploitx_refsource_EXPLOIT-DB
    http://secunia.com/advisories/25982 third-party-advisoryx_refsource_SECUNIA
    http://osvdb.org/37889 vdb-entryx_refsource_OSVDB
    http://labs.idefense.com/intelligence/vulnerabili… third-party-advisoryx_refsource_IDEFENSE
    http://www.securityfocus.com/bid/24829 vdb-entryx_refsource_BID
    http://www.securityfocus.com/archive/1/473270/100… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/archive/1/473297/100… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/archive/1/473301/100… mailing-listx_refsource_BUGTRAQ
    http://www.vupen.com/english/advisories/2007/2468 vdb-entryx_refsource_VUPEN
    Date Public
    2007-07-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T14:28:51.997Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1018350",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1018350"
              },
              {
                "name": "winpcap-npf-code-execution(35309)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35309"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.winpcap.org/misc/changelog.htm"
              },
              {
                "name": "4165",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/4165"
              },
              {
                "name": "25982",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/25982"
              },
              {
                "name": "37889",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/37889"
              },
              {
                "name": "20070709 WinPcap NPF.SYS Local Privilege Escalation Vulnerability",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_IDEFENSE",
                  "x_transferred"
                ],
                "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=550"
              },
              {
                "name": "24829",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/24829"
              },
              {
                "name": "20070709 WinPcap NPF.SYS Privilege Elevation Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/473270/100/0/threaded"
              },
              {
                "name": "20070710 Re: WinPcap NPF.SYS Privilege Elevation Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/473297/100/0/threaded"
              },
              {
                "name": "20070710 Re: Re: WinPcap NPF.SYS Privilege Elevation Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/473301/100/0/threaded"
              },
              {
                "name": "ADV-2007-2468",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/2468"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-07-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The IOCTL 9031 (BIOCGSTATS) handler in the NPF.SYS device driver in WinPcap before 4.0.1 allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet (Irp) parameters."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-15T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "1018350",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1018350"
            },
            {
              "name": "winpcap-npf-code-execution(35309)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35309"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.winpcap.org/misc/changelog.htm"
            },
            {
              "name": "4165",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/4165"
            },
            {
              "name": "25982",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/25982"
            },
            {
              "name": "37889",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/37889"
            },
            {
              "name": "20070709 WinPcap NPF.SYS Local Privilege Escalation Vulnerability",
              "tags": [
                "third-party-advisory",
                "x_refsource_IDEFENSE"
              ],
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=550"
            },
            {
              "name": "24829",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/24829"
            },
            {
              "name": "20070709 WinPcap NPF.SYS Privilege Elevation Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/473270/100/0/threaded"
            },
            {
              "name": "20070710 Re: WinPcap NPF.SYS Privilege Elevation Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/473297/100/0/threaded"
            },
            {
              "name": "20070710 Re: Re: WinPcap NPF.SYS Privilege Elevation Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/473301/100/0/threaded"
            },
            {
              "name": "ADV-2007-2468",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/2468"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-3681",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The IOCTL 9031 (BIOCGSTATS) handler in the NPF.SYS device driver in WinPcap before 4.0.1 allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet (Irp) parameters."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1018350",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1018350"
                },
                {
                  "name": "winpcap-npf-code-execution(35309)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35309"
                },
                {
                  "name": "http://www.winpcap.org/misc/changelog.htm",
                  "refsource": "CONFIRM",
                  "url": "http://www.winpcap.org/misc/changelog.htm"
                },
                {
                  "name": "4165",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/4165"
                },
                {
                  "name": "25982",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/25982"
                },
                {
                  "name": "37889",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/37889"
                },
                {
                  "name": "20070709 WinPcap NPF.SYS Local Privilege Escalation Vulnerability",
                  "refsource": "IDEFENSE",
                  "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=550"
                },
                {
                  "name": "24829",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/24829"
                },
                {
                  "name": "20070709 WinPcap NPF.SYS Privilege Elevation Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/473270/100/0/threaded"
                },
                {
                  "name": "20070710 Re: WinPcap NPF.SYS Privilege Elevation Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/473297/100/0/threaded"
                },
                {
                  "name": "20070710 Re: Re: WinPcap NPF.SYS Privilege Elevation Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/473301/100/0/threaded"
                },
                {
                  "name": "ADV-2007-2468",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/2468"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-3681",
        "datePublished": "2007-07-11T17:00:00.000Z",
        "dateReserved": "2007-07-11T00:00:00.000Z",
        "dateUpdated": "2024-08-07T14:28:51.997Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-5756 (GCVE-0-2007-5756)

    Vulnerability from cvelistv5 – Published: 2007-11-14 01:00 – Updated: 2024-08-07 15:39
    VLAI
    Summary
    Multiple array index errors in the bpf_filter_init function in NPF.SYS in WinPcap before 4.0.2, when run in monitor mode (aka Table Management Extensions or TME), and as used in Wireshark and possibly other products, allow local users to gain privileges via crafted IOCTL requests.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://labs.idefense.com/intelligence/vulnerabili… third-party-advisoryx_refsource_IDEFENSE
    http://www.winpcap.org/misc/changelog.htm x_refsource_CONFIRM
    http://www.securitytracker.com/id?1018935 vdb-entryx_refsource_SECTRACK
    http://www.securityfocus.com/bid/26409 vdb-entryx_refsource_BID
    http://secunia.com/advisories/27676 third-party-advisoryx_refsource_SECUNIA
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.vupen.com/english/advisories/2007/3835 vdb-entryx_refsource_VUPEN
    Date Public
    2007-11-09 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T15:39:13.725Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20071112 WinPcap NPF.SYS bpf_filter_init Arbitrary Array Indexing Vulnerability",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_IDEFENSE",
                  "x_transferred"
                ],
                "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=625"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.winpcap.org/misc/changelog.htm"
              },
              {
                "name": "1018935",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1018935"
              },
              {
                "name": "26409",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/26409"
              },
              {
                "name": "27676",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/27676"
              },
              {
                "name": "winpcap-bpffilterinit-code-execution(38433)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38433"
              },
              {
                "name": "ADV-2007-3835",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/3835"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-11-09T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple array index errors in the bpf_filter_init function in NPF.SYS in WinPcap before 4.0.2, when run in monitor mode (aka Table Management Extensions or TME), and as used in Wireshark and possibly other products, allow local users to gain privileges via crafted IOCTL requests."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20071112 WinPcap NPF.SYS bpf_filter_init Arbitrary Array Indexing Vulnerability",
              "tags": [
                "third-party-advisory",
                "x_refsource_IDEFENSE"
              ],
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=625"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.winpcap.org/misc/changelog.htm"
            },
            {
              "name": "1018935",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1018935"
            },
            {
              "name": "26409",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/26409"
            },
            {
              "name": "27676",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/27676"
            },
            {
              "name": "winpcap-bpffilterinit-code-execution(38433)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38433"
            },
            {
              "name": "ADV-2007-3835",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/3835"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-5756",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple array index errors in the bpf_filter_init function in NPF.SYS in WinPcap before 4.0.2, when run in monitor mode (aka Table Management Extensions or TME), and as used in Wireshark and possibly other products, allow local users to gain privileges via crafted IOCTL requests."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20071112 WinPcap NPF.SYS bpf_filter_init Arbitrary Array Indexing Vulnerability",
                  "refsource": "IDEFENSE",
                  "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=625"
                },
                {
                  "name": "http://www.winpcap.org/misc/changelog.htm",
                  "refsource": "CONFIRM",
                  "url": "http://www.winpcap.org/misc/changelog.htm"
                },
                {
                  "name": "1018935",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1018935"
                },
                {
                  "name": "26409",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/26409"
                },
                {
                  "name": "27676",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/27676"
                },
                {
                  "name": "winpcap-bpffilterinit-code-execution(38433)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/38433"
                },
                {
                  "name": "ADV-2007-3835",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/3835"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-5756",
        "datePublished": "2007-11-14T01:00:00.000Z",
        "dateReserved": "2007-10-31T00:00:00.000Z",
        "dateUpdated": "2024-08-07T15:39:13.725Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-3681 (GCVE-0-2007-3681)

    Vulnerability from cvelistv5 – Published: 2007-07-11 17:00 – Updated: 2024-08-07 14:28
    VLAI
    Summary
    The IOCTL 9031 (BIOCGSTATS) handler in the NPF.SYS device driver in WinPcap before 4.0.1 allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet (Irp) parameters.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://securitytracker.com/id?1018350 vdb-entryx_refsource_SECTRACK
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://www.winpcap.org/misc/changelog.htm x_refsource_CONFIRM
    https://www.exploit-db.com/exploits/4165 exploitx_refsource_EXPLOIT-DB
    http://secunia.com/advisories/25982 third-party-advisoryx_refsource_SECUNIA
    http://osvdb.org/37889 vdb-entryx_refsource_OSVDB
    http://labs.idefense.com/intelligence/vulnerabili… third-party-advisoryx_refsource_IDEFENSE
    http://www.securityfocus.com/bid/24829 vdb-entryx_refsource_BID
    http://www.securityfocus.com/archive/1/473270/100… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/archive/1/473297/100… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/archive/1/473301/100… mailing-listx_refsource_BUGTRAQ
    http://www.vupen.com/english/advisories/2007/2468 vdb-entryx_refsource_VUPEN
    Date Public
    2007-07-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T14:28:51.997Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1018350",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1018350"
              },
              {
                "name": "winpcap-npf-code-execution(35309)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35309"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.winpcap.org/misc/changelog.htm"
              },
              {
                "name": "4165",
                "tags": [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
                  "x_transferred"
                ],
                "url": "https://www.exploit-db.com/exploits/4165"
              },
              {
                "name": "25982",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/25982"
              },
              {
                "name": "37889",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/37889"
              },
              {
                "name": "20070709 WinPcap NPF.SYS Local Privilege Escalation Vulnerability",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_IDEFENSE",
                  "x_transferred"
                ],
                "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=550"
              },
              {
                "name": "24829",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/24829"
              },
              {
                "name": "20070709 WinPcap NPF.SYS Privilege Elevation Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/473270/100/0/threaded"
              },
              {
                "name": "20070710 Re: WinPcap NPF.SYS Privilege Elevation Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/473297/100/0/threaded"
              },
              {
                "name": "20070710 Re: Re: WinPcap NPF.SYS Privilege Elevation Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/473301/100/0/threaded"
              },
              {
                "name": "ADV-2007-2468",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/2468"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-07-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The IOCTL 9031 (BIOCGSTATS) handler in the NPF.SYS device driver in WinPcap before 4.0.1 allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet (Irp) parameters."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-15T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "1018350",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1018350"
            },
            {
              "name": "winpcap-npf-code-execution(35309)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35309"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.winpcap.org/misc/changelog.htm"
            },
            {
              "name": "4165",
              "tags": [
                "exploit",
                "x_refsource_EXPLOIT-DB"
              ],
              "url": "https://www.exploit-db.com/exploits/4165"
            },
            {
              "name": "25982",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/25982"
            },
            {
              "name": "37889",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/37889"
            },
            {
              "name": "20070709 WinPcap NPF.SYS Local Privilege Escalation Vulnerability",
              "tags": [
                "third-party-advisory",
                "x_refsource_IDEFENSE"
              ],
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=550"
            },
            {
              "name": "24829",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/24829"
            },
            {
              "name": "20070709 WinPcap NPF.SYS Privilege Elevation Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/473270/100/0/threaded"
            },
            {
              "name": "20070710 Re: WinPcap NPF.SYS Privilege Elevation Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/473297/100/0/threaded"
            },
            {
              "name": "20070710 Re: Re: WinPcap NPF.SYS Privilege Elevation Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/473301/100/0/threaded"
            },
            {
              "name": "ADV-2007-2468",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/2468"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-3681",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The IOCTL 9031 (BIOCGSTATS) handler in the NPF.SYS device driver in WinPcap before 4.0.1 allows local users to overwrite memory and execute arbitrary code via malformed Interrupt Request Packet (Irp) parameters."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1018350",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1018350"
                },
                {
                  "name": "winpcap-npf-code-execution(35309)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35309"
                },
                {
                  "name": "http://www.winpcap.org/misc/changelog.htm",
                  "refsource": "CONFIRM",
                  "url": "http://www.winpcap.org/misc/changelog.htm"
                },
                {
                  "name": "4165",
                  "refsource": "EXPLOIT-DB",
                  "url": "https://www.exploit-db.com/exploits/4165"
                },
                {
                  "name": "25982",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/25982"
                },
                {
                  "name": "37889",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/37889"
                },
                {
                  "name": "20070709 WinPcap NPF.SYS Local Privilege Escalation Vulnerability",
                  "refsource": "IDEFENSE",
                  "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=550"
                },
                {
                  "name": "24829",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/24829"
                },
                {
                  "name": "20070709 WinPcap NPF.SYS Privilege Elevation Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/473270/100/0/threaded"
                },
                {
                  "name": "20070710 Re: WinPcap NPF.SYS Privilege Elevation Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/473297/100/0/threaded"
                },
                {
                  "name": "20070710 Re: Re: WinPcap NPF.SYS Privilege Elevation Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/473301/100/0/threaded"
                },
                {
                  "name": "ADV-2007-2468",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/2468"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-3681",
        "datePublished": "2007-07-11T17:00:00.000Z",
        "dateReserved": "2007-07-11T00:00:00.000Z",
        "dateUpdated": "2024-08-07T14:28:51.997Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }