WinPcap (http://www.winpcap.org/) is "a software package that facilitates real-time link-level network access for Windows-based operating systems. A wide range of open-source projects, including Wireshark, use it". Local exploitation of an invalid array indexing vulnerability in the NPF.SYS device driver of WinPcap allows attackers to execute arbitrary code in kernel context.

http://www.securiteam.com/windowsntfocus/6Q00B15KAW.html