The host is installed with Wireshark 1.4.x before 1.4.9 or 1.6.x before 1.6.2 and is prone to an Untrusted search path vulnerability. A flaw is present in the application, which fails to prevent local users from gaining privileges. Successful exploitation could allow attackers to run arbitrary Lua scripts.