9.3

CVE-2010-3136

Exploit
Untrusted search path vulnerability in Skype 4.2.0.169 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wab32.dll that is located in the same folder as a .skype file.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
SkypeSkype Version <= 4.2.0.169
SkypeSkype Version0.90.0.5 Updatebeta
SkypeSkype Version0.90.0.10 Updatebeta
SkypeSkype Version0.91.0.2 Updatebeta
SkypeSkype Version0.92.0.4 Updatebeta
SkypeSkype Version0.93.0.18 Updatebeta
SkypeSkype Version0.93.1.1 Updatebeta
SkypeSkype Version0.94.0.19 Updatebeta
SkypeSkype Version0.94.0.28 Updatebeta
SkypeSkype Version0.95.0.11 Updatebeta
SkypeSkype Version0.95.0.25 Updatebeta
SkypeSkype Version0.95.0.36 Updatebeta
SkypeSkype Version0.95.0.40 Updatebeta
SkypeSkype Version0.96.0.1 Updatebeta
SkypeSkype Version0.96.0.3 Updatebeta
SkypeSkype Version0.97.0.1 Updatebeta
SkypeSkype Version0.97.0.3 Updatebeta
SkypeSkype Version0.97.0.6 Updatebeta
SkypeSkype Version0.97.0.40 Updatebeta
SkypeSkype Version0.98.0.04 Updatebeta
SkypeSkype Version0.98.0.6 Updatebeta
SkypeSkype Version0.98.0.28 Updatebeta
SkypeSkype Version0.98.0.42 Updatebeta
SkypeSkype Version0.98.0.68 Updatebeta
SkypeSkype Version1.0.0.9
SkypeSkype Version1.0.0.10
SkypeSkype Version1.0.0.18
SkypeSkype Version1.0.0.29
SkypeSkype Version1.0.0.94
SkypeSkype Version1.0.0.97
SkypeSkype Version1.0.0.100
SkypeSkype Version1.0.0.106
SkypeSkype Version1.1.0.6
SkypeSkype Version1.1.0.73
SkypeSkype Version1.1.0.79
SkypeSkype Version1.2.0.37
SkypeSkype Version1.2.0.41
SkypeSkype Version1.2.0.48
SkypeSkype Version1.3.0.45
SkypeSkype Version1.3.0.48
SkypeSkype Version1.3.0.51
SkypeSkype Version1.3.0.54
SkypeSkype Version1.3.0.55
SkypeSkype Version1.3.0.57
SkypeSkype Version1.3.0.60
SkypeSkype Version1.3.0.66
SkypeSkype Version1.4.0.71
SkypeSkype Version1.4.0.78
SkypeSkype Version1.4.0.84
SkypeSkype Version2.0.0.69
SkypeSkype Version2.0.0.73
SkypeSkype Version2.0.0.79
SkypeSkype Version2.0.0.81
SkypeSkype Version2.0.0.90
SkypeSkype Version2.0.0.97
SkypeSkype Version2.0.0.103
SkypeSkype Version2.0.0.105
SkypeSkype Version2.0.0.107
SkypeSkype Version2.5.0.72
SkypeSkype Version2.5.0.82
SkypeSkype Version2.5.0.91
SkypeSkype Version2.5.0.113
SkypeSkype Version2.5.0.122
SkypeSkype Version2.5.0.126
SkypeSkype Version2.5.0.130
SkypeSkype Version2.5.0.137
SkypeSkype Version2.5.0.141
SkypeSkype Version2.5.0.151
SkypeSkype Version2.5.0.154
SkypeSkype Version2.6.0.67 Updatebeta
SkypeSkype Version2.6.0.74 Updatebeta
SkypeSkype Version2.6.0.81 Updatebeta
SkypeSkype Version2.6.0.97 Updatebeta
SkypeSkype Version2.6.0.103 Updatebeta
SkypeSkype Version2.6.0.105 Updatebeta
SkypeSkype Version3.0.0.106 Updatebeta
SkypeSkype Version3.0.0.123 Updatebeta
SkypeSkype Version3.0.0.137 Updatebeta
SkypeSkype Version3.0.0.154 Updatebeta
SkypeSkype Version3.0.0.190
SkypeSkype Version3.0.0.198
SkypeSkype Version3.0.0.205
SkypeSkype Version3.0.0.209
SkypeSkype Version3.0.0.214
SkypeSkype Version3.0.0.216
SkypeSkype Version3.0.0.217
SkypeSkype Version3.0.0.218
SkypeSkype Version3.1.0.112 Updatebeta
SkypeSkype Version3.1.0.134 Updatebeta
SkypeSkype Version3.1.0.144
SkypeSkype Version3.1.0.147
SkypeSkype Version3.1.0.150
SkypeSkype Version3.1.0.152
SkypeSkype Version3.2.0.53 Updatebeta
SkypeSkype Version3.2.0.63 Updatebeta
SkypeSkype Version3.2.0.82 Updatebeta
SkypeSkype Version3.2.0.115 Updatebeta
SkypeSkype Version3.2.0.145
SkypeSkype Version3.2.0.148
SkypeSkype Version3.2.0.152
SkypeSkype Version3.2.0.158
SkypeSkype Version3.2.0.163
SkypeSkype Version3.2.0.175
SkypeSkype Version3.5.0.107 Updatebeta
SkypeSkype Version3.5.0.158 Updatebeta
SkypeSkype Version3.5.0.178
SkypeSkype Version3.5.0.202
SkypeSkype Version3.5.0.214
SkypeSkype Version3.5.0.229
SkypeSkype Version3.5.0.234
SkypeSkype Version3.5.0.239
SkypeSkype Version3.6.0.127 Updatebeta
SkypeSkype Version3.6.0.159 Updatebeta
SkypeSkype Version3.6.0.216
SkypeSkype Version3.6.0.244
SkypeSkype Version3.6.0.248
SkypeSkype Version3.8.0.96 Updatebeta
SkypeSkype Version3.8.0.115
SkypeSkype Version3.8.0.139
SkypeSkype Version3.8.0.144
SkypeSkype Version3.8.0.154
SkypeSkype Version3.8.0.180
SkypeSkype Version3.8.0.188
SkypeSkype Version4.0 Updatebeta_3
SkypeSkype Version4.0.0.145 Updatebeta
SkypeSkype Version4.0.0.150 Updatebeta
SkypeSkype Version4.0.0.155 Updatebeta_1
SkypeSkype Version4.0.0.161 Updatebeta
SkypeSkype Version4.0.0.166 Updatebeta_2
SkypeSkype Version4.0.0.168 Updatebeta_2
SkypeSkype Version4.0.0.169 Updatebeta_2
SkypeSkype Version4.0.0.176 Updatebeta_3
SkypeSkype Version4.0.0.181 Updatebeta_3
SkypeSkype Version4.0.0.206
SkypeSkype Version4.0.0.215
SkypeSkype Version4.0.0.216
SkypeSkype Version4.0.0.224
SkypeSkype Version4.0.0.226
SkypeSkype Version4.0.0.227
SkypeSkype Version4.1.0.130
SkypeSkype Version4.1.0.130 Updatebeta
SkypeSkype Version4.1.0.136
SkypeSkype Version4.1.0.141
SkypeSkype Version4.1.0.166
SkypeSkype Version4.1.0.179
SkypeSkype Version4.2.0.141 Updatebeta
SkypeSkype Version4.2.0.152
SkypeSkype Version4.2.0.155
SkypeSkype Version4.2.0.158
SkypeSkype Version4.2.0.163
SkypeSkype Version4.2.0.166
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 6.91% 0.933
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.exploit-db.com/exploits/14766
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/64577
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11833