Untrusted search path vulnerability in Wireshark 0.8.4 through 1.0.15 and 1.2.0 through 1.2.10 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse airpcap.dll, and possibly other DLLs, that is located in the same folder as a file that automatically launches Wireshark.
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11498
http://www.wireshark.org/security/wnpa-sec-2010-10.html
http://www.wireshark.org/security/wnpa-sec-2010-09.html
http://www.vupen.com/english/advisories/2010/2243