CVE-2010-3136

Untrusted search path vulnerability in Skype 4.2.0.169 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wab32.dll that is located in the same folder as a .skype file.

CVSS v2.0 9.3 HIGH

9.3^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability : 8.6 / Impact : 10.0

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://www.exploit-db.com/exploits/14766	Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/64577
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11833
http://www.exploit-db.com/exploits/14766	Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/64577
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11833

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:skype:skype::::::::
	cpe:2.3:a:skype:skype:0.90.0.5:beta::::::
	cpe:2.3:a:skype:skype:0.90.0.10:beta::::::
	cpe:2.3:a:skype:skype:0.91.0.2:beta::::::
	cpe:2.3:a:skype:skype:0.92.0.4:beta::::::
	cpe:2.3:a:skype:skype:0.93.0.18:beta::::::
	cpe:2.3:a:skype:skype:0.93.1.1:beta::::::
	cpe:2.3:a:skype:skype:0.94.0.19:beta::::::
	cpe:2.3:a:skype:skype:0.94.0.28:beta::::::
	cpe:2.3:a:skype:skype:0.95.0.11:beta::::::
	cpe:2.3:a:skype:skype:0.95.0.25:beta::::::
	cpe:2.3:a:skype:skype:0.95.0.36:beta::::::
	cpe:2.3:a:skype:skype:0.95.0.40:beta::::::
	cpe:2.3:a:skype:skype:0.96.0.1:beta::::::
	cpe:2.3:a:skype:skype:0.96.0.3:beta::::::
	cpe:2.3:a:skype:skype:0.97.0.1:beta::::::
	cpe:2.3:a:skype:skype:0.97.0.3:beta::::::
	cpe:2.3:a:skype:skype:0.97.0.6:beta::::::
	cpe:2.3:a:skype:skype:0.97.0.40:beta::::::
	cpe:2.3:a:skype:skype:0.98.0.04:beta::::::
	cpe:2.3:a:skype:skype:0.98.0.6:beta::::::
	cpe:2.3:a:skype:skype:0.98.0.28:beta::::::
	cpe:2.3:a:skype:skype:0.98.0.42:beta::::::
	cpe:2.3:a:skype:skype:0.98.0.68:beta::::::
	cpe:2.3:a:skype:skype:1.0.0.9:::::::*
	cpe:2.3:a:skype:skype:1.0.0.10:::::::*
	cpe:2.3:a:skype:skype:1.0.0.18:::::::*
	cpe:2.3:a:skype:skype:1.0.0.29:::::::*
	cpe:2.3:a:skype:skype:1.0.0.94:::::::*
	cpe:2.3:a:skype:skype:1.0.0.97:::::::*
	cpe:2.3:a:skype:skype:1.0.0.100:::::::*
	cpe:2.3:a:skype:skype:1.0.0.106:::::::*
	cpe:2.3:a:skype:skype:1.1.0.6:::::::*
	cpe:2.3:a:skype:skype:1.1.0.73:::::::*
	cpe:2.3:a:skype:skype:1.1.0.79:::::::*
	cpe:2.3:a:skype:skype:1.2.0.37:::::::*
	cpe:2.3:a:skype:skype:1.2.0.41:::::::*
	cpe:2.3:a:skype:skype:1.2.0.48:::::::*
	cpe:2.3:a:skype:skype:1.3.0.45:::::::*
	cpe:2.3:a:skype:skype:1.3.0.48:::::::*
	cpe:2.3:a:skype:skype:1.3.0.51:::::::*
	cpe:2.3:a:skype:skype:1.3.0.54:::::::*
	cpe:2.3:a:skype:skype:1.3.0.55:::::::*
	cpe:2.3:a:skype:skype:1.3.0.57:::::::*
	cpe:2.3:a:skype:skype:1.3.0.60:::::::*
	cpe:2.3:a:skype:skype:1.3.0.66:::::::*
	cpe:2.3:a:skype:skype:1.4.0.71:::::::*
	cpe:2.3:a:skype:skype:1.4.0.78:::::::*
	cpe:2.3:a:skype:skype:1.4.0.84:::::::*
	cpe:2.3:a:skype:skype:2.0.0.69:::::::*
	cpe:2.3:a:skype:skype:2.0.0.73:::::::*
	cpe:2.3:a:skype:skype:2.0.0.79:::::::*
	cpe:2.3:a:skype:skype:2.0.0.81:::::::*
	cpe:2.3:a:skype:skype:2.0.0.90:::::::*
	cpe:2.3:a:skype:skype:2.0.0.97:::::::*
	cpe:2.3:a:skype:skype:2.0.0.103:::::::*
	cpe:2.3:a:skype:skype:2.0.0.105:::::::*
	cpe:2.3:a:skype:skype:2.0.0.107:::::::*
	cpe:2.3:a:skype:skype:2.5.0.72:::::::*
	cpe:2.3:a:skype:skype:2.5.0.82:::::::*
	cpe:2.3:a:skype:skype:2.5.0.91:::::::*
	cpe:2.3:a:skype:skype:2.5.0.113:::::::*
	cpe:2.3:a:skype:skype:2.5.0.122:::::::*
	cpe:2.3:a:skype:skype:2.5.0.126:::::::*
cpe:2.3:a:skype:skype:2.5.0.130:::::::*
cpe:2.3:a:skype:skype:2.5.0.137:::::::*
cpe:2.3:a:skype:skype:2.5.0.141:::::::*
cpe:2.3:a:skype:skype:2.5.0.151:::::::*
cpe:2.3:a:skype:skype:2.5.0.154:::::::*
cpe:2.3:a:skype:skype:2.6.0.67:beta::::::
cpe:2.3:a:skype:skype:2.6.0.74:beta::::::
cpe:2.3:a:skype:skype:2.6.0.81:beta::::::
cpe:2.3:a:skype:skype:2.6.0.97:beta::::::
cpe:2.3:a:skype:skype:2.6.0.103:beta::::::
cpe:2.3:a:skype:skype:2.6.0.105:beta::::::
cpe:2.3:a:skype:skype:3.0.0.106:beta::::::
cpe:2.3:a:skype:skype:3.0.0.123:beta::::::
cpe:2.3:a:skype:skype:3.0.0.137:beta::::::
cpe:2.3:a:skype:skype:3.0.0.154:beta::::::
cpe:2.3:a:skype:skype:3.0.0.190:::::::*
cpe:2.3:a:skype:skype:3.0.0.198:::::::*
cpe:2.3:a:skype:skype:3.0.0.205:::::::*
cpe:2.3:a:skype:skype:3.0.0.209:::::::*
cpe:2.3:a:skype:skype:3.0.0.214:::::::*
cpe:2.3:a:skype:skype:3.0.0.216:::::::*
cpe:2.3:a:skype:skype:3.0.0.217:::::::*
cpe:2.3:a:skype:skype:3.0.0.218:::::::*
cpe:2.3:a:skype:skype:3.1.0.112:beta::::::
cpe:2.3:a:skype:skype:3.1.0.134:beta::::::
cpe:2.3:a:skype:skype:3.1.0.144:::::::*
cpe:2.3:a:skype:skype:3.1.0.147:::::::*
cpe:2.3:a:skype:skype:3.1.0.150:::::::*
cpe:2.3:a:skype:skype:3.1.0.152:::::::*
cpe:2.3:a:skype:skype:3.2.0.53:beta::::::
cpe:2.3:a:skype:skype:3.2.0.63:beta::::::
cpe:2.3:a:skype:skype:3.2.0.82:beta::::::
cpe:2.3:a:skype:skype:3.2.0.115:beta::::::
cpe:2.3:a:skype:skype:3.2.0.145:::::::*
cpe:2.3:a:skype:skype:3.2.0.148:::::::*
cpe:2.3:a:skype:skype:3.2.0.152:::::::*
cpe:2.3:a:skype:skype:3.2.0.158:::::::*
cpe:2.3:a:skype:skype:3.2.0.163:::::::*
cpe:2.3:a:skype:skype:3.2.0.175:::::::*
cpe:2.3:a:skype:skype:3.5.0.107:beta::::::
cpe:2.3:a:skype:skype:3.5.0.158:beta::::::
cpe:2.3:a:skype:skype:3.5.0.178:::::::*
cpe:2.3:a:skype:skype:3.5.0.202:::::::*
cpe:2.3:a:skype:skype:3.5.0.214:::::::*
cpe:2.3:a:skype:skype:3.5.0.229:::::::*
cpe:2.3:a:skype:skype:3.5.0.234:::::::*
cpe:2.3:a:skype:skype:3.5.0.239:::::::*
cpe:2.3:a:skype:skype:3.6.0.127:beta::::::
cpe:2.3:a:skype:skype:3.6.0.159:beta::::::
cpe:2.3:a:skype:skype:3.6.0.216:::::::*
cpe:2.3:a:skype:skype:3.6.0.244:::::::*
cpe:2.3:a:skype:skype:3.6.0.248:::::::*
cpe:2.3:a:skype:skype:3.8.0.96:beta::::::
cpe:2.3:a:skype:skype:3.8.0.115:::::::*
cpe:2.3:a:skype:skype:3.8.0.139:::::::*
cpe:2.3:a:skype:skype:3.8.0.144:::::::*
cpe:2.3:a:skype:skype:3.8.0.154:::::::*
cpe:2.3:a:skype:skype:3.8.0.180:::::::*
cpe:2.3:a:skype:skype:3.8.0.188:::::::*
cpe:2.3:a:skype:skype:4.0:beta_3::::::
cpe:2.3:a:skype:skype:4.0.0.145:beta::::::
cpe:2.3:a:skype:skype:4.0.0.150:beta::::::
cpe:2.3:a:skype:skype:4.0.0.155:beta_1::::::
cpe:2.3:a:skype:skype:4.0.0.161:beta::::::
cpe:2.3:a:skype:skype:4.0.0.166:beta_2::::::
cpe:2.3:a:skype:skype:4.0.0.168:beta_2::::::
cpe:2.3:a:skype:skype:4.0.0.169:beta_2::::::
cpe:2.3:a:skype:skype:4.0.0.176:beta_3::::::
cpe:2.3:a:skype:skype:4.0.0.181:beta_3::::::
cpe:2.3:a:skype:skype:4.0.0.206:::::::*
cpe:2.3:a:skype:skype:4.0.0.215:::::::*
cpe:2.3:a:skype:skype:4.0.0.216:::::::*
cpe:2.3:a:skype:skype:4.0.0.224:::::::*
cpe:2.3:a:skype:skype:4.0.0.226:::::::*
cpe:2.3:a:skype:skype:4.0.0.227:::::::*
cpe:2.3:a:skype:skype:4.1.0.130:::::::*
cpe:2.3:a:skype:skype:4.1.0.130:beta::::::
cpe:2.3:a:skype:skype:4.1.0.136:::::::*
cpe:2.3:a:skype:skype:4.1.0.141:::::::*
cpe:2.3:a:skype:skype:4.1.0.166:::::::*
cpe:2.3:a:skype:skype:4.1.0.179:::::::*
cpe:2.3:a:skype:skype:4.2.0.141:beta::::::
cpe:2.3:a:skype:skype:4.2.0.152:::::::*
cpe:2.3:a:skype:skype:4.2.0.155:::::::*
cpe:2.3:a:skype:skype:4.2.0.158:::::::*
cpe:2.3:a:skype:skype:4.2.0.163:::::::*
cpe:2.3:a:skype:skype:4.2.0.166:::::::*

History

21 Nov 2024, 01:18

Type	Values Removed	Values Added
References	~~() http://www.exploit-db.com/exploits/14766 - Exploit~~	() http://www.exploit-db.com/exploits/14766 - Exploit
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/64577 -~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/64577 -
References	~~() https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11833 -~~	() https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11833 -

Information

Published : 2010-08-26 18:36

Updated : 2024-11-21 01:18

NVD link : CVE-2010-3136

Mitre link : CVE-2010-3136

CVE.ORG link : CVE-2010-3136

JSON object : View

Products Affected

skype

skype

CWE

NVD-CWE-Other

9.3 /10