CVE DATABASE / CVE-2007-5756
CVE-2007-5756
CVSS 6.9 · MEDIUM
Summary
Multiple array index errors in the bpf_filter_init function in NPF.SYS in WinPcap before 4.0.2, when run in monitor mode (aka Table Management Extensions or TME), and as used in Wireshark and possibly other products, allow local users to gain privileges via crafted IOCTL requests.
CVSS 2.0 breakdown
| Base score | 6.9 (MEDIUM) |
| Vector | AV:L/AC:M/Au:N/C:C/I:C/A:C |
| Attack vector | LOCAL |
| Attack complexity | MEDIUM |
| Confidentiality | COMPLETE |
| Integrity | COMPLETE |
| Availability | COMPLETE |
Weakness type (CWE)
Affected products
Winpcap winpcap
Check this CVE live
Use our free CVE Lookup tool for the latest NVD record, or browse the full CISA KEV catalog.
References
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=625
- http://secunia.com/advisories/27676
- http://www.securityfocus.com/bid/26409
- http://www.securitytracker.com/id?1018935
- http://www.vupen.com/english/advisories/2007/3835
- http://www.winpcap.org/misc/changelog.htm
- https://exchange.xforce.ibmcloud.com/vulnerabilities/38433
Data: NIST NVD. NVD last modified 2026-04-23. Always verify against the vendor advisory before acting.