CVE-2010-3136 - OpenCVE

Untrusted search path vulnerability in Skype 4.2.0.169 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wab32.dll that is located in the same folder as a .skype file.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:M/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Skype	Skype

Configuration 1 [-]

OR	cpe:2.3:a:skype:skype::::::::
	cpe:2.3:a:skype:skype:0.90.0.5:beta::::::
	cpe:2.3:a:skype:skype:0.90.0.10:beta::::::
	cpe:2.3:a:skype:skype:0.91.0.2:beta::::::
	cpe:2.3:a:skype:skype:0.92.0.4:beta::::::
	cpe:2.3:a:skype:skype:0.93.0.18:beta::::::
	cpe:2.3:a:skype:skype:0.93.1.1:beta::::::
	cpe:2.3:a:skype:skype:0.94.0.19:beta::::::
	cpe:2.3:a:skype:skype:0.94.0.28:beta::::::
	cpe:2.3:a:skype:skype:0.95.0.11:beta::::::
	cpe:2.3:a:skype:skype:0.95.0.25:beta::::::
	cpe:2.3:a:skype:skype:0.95.0.36:beta::::::
	cpe:2.3:a:skype:skype:0.95.0.40:beta::::::
	cpe:2.3:a:skype:skype:0.96.0.1:beta::::::
	cpe:2.3:a:skype:skype:0.96.0.3:beta::::::
	cpe:2.3:a:skype:skype:0.97.0.1:beta::::::
	cpe:2.3:a:skype:skype:0.97.0.3:beta::::::
	cpe:2.3:a:skype:skype:0.97.0.6:beta::::::
	cpe:2.3:a:skype:skype:0.97.0.40:beta::::::
	cpe:2.3:a:skype:skype:0.98.0.04:beta::::::
	cpe:2.3:a:skype:skype:0.98.0.6:beta::::::
	cpe:2.3:a:skype:skype:0.98.0.28:beta::::::
	cpe:2.3:a:skype:skype:0.98.0.42:beta::::::
	cpe:2.3:a:skype:skype:0.98.0.68:beta::::::
	cpe:2.3:a:skype:skype:1.0.0.9:::::::*
	cpe:2.3:a:skype:skype:1.0.0.10:::::::*
	cpe:2.3:a:skype:skype:1.0.0.18:::::::*
	cpe:2.3:a:skype:skype:1.0.0.29:::::::*
	cpe:2.3:a:skype:skype:1.0.0.94:::::::*
	cpe:2.3:a:skype:skype:1.0.0.97:::::::*
	cpe:2.3:a:skype:skype:1.0.0.100:::::::*
	cpe:2.3:a:skype:skype:1.0.0.106:::::::*
	cpe:2.3:a:skype:skype:1.1.0.6:::::::*
	cpe:2.3:a:skype:skype:1.1.0.73:::::::*
	cpe:2.3:a:skype:skype:1.1.0.79:::::::*
	cpe:2.3:a:skype:skype:1.2.0.37:::::::*
	cpe:2.3:a:skype:skype:1.2.0.41:::::::*
	cpe:2.3:a:skype:skype:1.2.0.48:::::::*
	cpe:2.3:a:skype:skype:1.3.0.45:::::::*
	cpe:2.3:a:skype:skype:1.3.0.48:::::::*
	cpe:2.3:a:skype:skype:1.3.0.51:::::::*
	cpe:2.3:a:skype:skype:1.3.0.54:::::::*
	cpe:2.3:a:skype:skype:1.3.0.55:::::::*
	cpe:2.3:a:skype:skype:1.3.0.57:::::::*
	cpe:2.3:a:skype:skype:1.3.0.60:::::::*
	cpe:2.3:a:skype:skype:1.3.0.66:::::::*
	cpe:2.3:a:skype:skype:1.4.0.71:::::::*
	cpe:2.3:a:skype:skype:1.4.0.78:::::::*
	cpe:2.3:a:skype:skype:1.4.0.84:::::::*
	cpe:2.3:a:skype:skype:2.0.0.69:::::::*
	cpe:2.3:a:skype:skype:2.0.0.73:::::::*
	cpe:2.3:a:skype:skype:2.0.0.79:::::::*
	cpe:2.3:a:skype:skype:2.0.0.81:::::::*
	cpe:2.3:a:skype:skype:2.0.0.90:::::::*
	cpe:2.3:a:skype:skype:2.0.0.97:::::::*
	cpe:2.3:a:skype:skype:2.0.0.103:::::::*
	cpe:2.3:a:skype:skype:2.0.0.105:::::::*
	cpe:2.3:a:skype:skype:2.0.0.107:::::::*
	cpe:2.3:a:skype:skype:2.5.0.72:::::::*
	cpe:2.3:a:skype:skype:2.5.0.82:::::::*
	cpe:2.3:a:skype:skype:2.5.0.91:::::::*
	cpe:2.3:a:skype:skype:2.5.0.113:::::::*
	cpe:2.3:a:skype:skype:2.5.0.122:::::::*
	cpe:2.3:a:skype:skype:2.5.0.126:::::::*
cpe:2.3:a:skype:skype:2.5.0.130:::::::*
cpe:2.3:a:skype:skype:2.5.0.137:::::::*
cpe:2.3:a:skype:skype:2.5.0.141:::::::*
cpe:2.3:a:skype:skype:2.5.0.151:::::::*
cpe:2.3:a:skype:skype:2.5.0.154:::::::*
cpe:2.3:a:skype:skype:2.6.0.67:beta::::::
cpe:2.3:a:skype:skype:2.6.0.74:beta::::::
cpe:2.3:a:skype:skype:2.6.0.81:beta::::::
cpe:2.3:a:skype:skype:2.6.0.97:beta::::::
cpe:2.3:a:skype:skype:2.6.0.103:beta::::::
cpe:2.3:a:skype:skype:2.6.0.105:beta::::::
cpe:2.3:a:skype:skype:3.0.0.106:beta::::::
cpe:2.3:a:skype:skype:3.0.0.123:beta::::::
cpe:2.3:a:skype:skype:3.0.0.137:beta::::::
cpe:2.3:a:skype:skype:3.0.0.154:beta::::::
cpe:2.3:a:skype:skype:3.0.0.190:::::::*
cpe:2.3:a:skype:skype:3.0.0.198:::::::*
cpe:2.3:a:skype:skype:3.0.0.205:::::::*
cpe:2.3:a:skype:skype:3.0.0.209:::::::*
cpe:2.3:a:skype:skype:3.0.0.214:::::::*
cpe:2.3:a:skype:skype:3.0.0.216:::::::*
cpe:2.3:a:skype:skype:3.0.0.217:::::::*
cpe:2.3:a:skype:skype:3.0.0.218:::::::*
cpe:2.3:a:skype:skype:3.1.0.112:beta::::::
cpe:2.3:a:skype:skype:3.1.0.134:beta::::::
cpe:2.3:a:skype:skype:3.1.0.144:::::::*
cpe:2.3:a:skype:skype:3.1.0.147:::::::*
cpe:2.3:a:skype:skype:3.1.0.150:::::::*
cpe:2.3:a:skype:skype:3.1.0.152:::::::*
cpe:2.3:a:skype:skype:3.2.0.53:beta::::::
cpe:2.3:a:skype:skype:3.2.0.63:beta::::::
cpe:2.3:a:skype:skype:3.2.0.82:beta::::::
cpe:2.3:a:skype:skype:3.2.0.115:beta::::::
cpe:2.3:a:skype:skype:3.2.0.145:::::::*
cpe:2.3:a:skype:skype:3.2.0.148:::::::*
cpe:2.3:a:skype:skype:3.2.0.152:::::::*
cpe:2.3:a:skype:skype:3.2.0.158:::::::*
cpe:2.3:a:skype:skype:3.2.0.163:::::::*
cpe:2.3:a:skype:skype:3.2.0.175:::::::*
cpe:2.3:a:skype:skype:3.5.0.107:beta::::::
cpe:2.3:a:skype:skype:3.5.0.158:beta::::::
cpe:2.3:a:skype:skype:3.5.0.178:::::::*
cpe:2.3:a:skype:skype:3.5.0.202:::::::*
cpe:2.3:a:skype:skype:3.5.0.214:::::::*
cpe:2.3:a:skype:skype:3.5.0.229:::::::*
cpe:2.3:a:skype:skype:3.5.0.234:::::::*
cpe:2.3:a:skype:skype:3.5.0.239:::::::*
cpe:2.3:a:skype:skype:3.6.0.127:beta::::::
cpe:2.3:a:skype:skype:3.6.0.159:beta::::::
cpe:2.3:a:skype:skype:3.6.0.216:::::::*
cpe:2.3:a:skype:skype:3.6.0.244:::::::*
cpe:2.3:a:skype:skype:3.6.0.248:::::::*
cpe:2.3:a:skype:skype:3.8.0.96:beta::::::
cpe:2.3:a:skype:skype:3.8.0.115:::::::*
cpe:2.3:a:skype:skype:3.8.0.139:::::::*
cpe:2.3:a:skype:skype:3.8.0.144:::::::*
cpe:2.3:a:skype:skype:3.8.0.154:::::::*
cpe:2.3:a:skype:skype:3.8.0.180:::::::*
cpe:2.3:a:skype:skype:3.8.0.188:::::::*
cpe:2.3:a:skype:skype:4.0:beta_3::::::
cpe:2.3:a:skype:skype:4.0.0.145:beta::::::
cpe:2.3:a:skype:skype:4.0.0.150:beta::::::
cpe:2.3:a:skype:skype:4.0.0.155:beta_1::::::
cpe:2.3:a:skype:skype:4.0.0.161:beta::::::
cpe:2.3:a:skype:skype:4.0.0.166:beta_2::::::
cpe:2.3:a:skype:skype:4.0.0.168:beta_2::::::
cpe:2.3:a:skype:skype:4.0.0.169:beta_2::::::
cpe:2.3:a:skype:skype:4.0.0.176:beta_3::::::
cpe:2.3:a:skype:skype:4.0.0.181:beta_3::::::
cpe:2.3:a:skype:skype:4.0.0.206:::::::*
cpe:2.3:a:skype:skype:4.0.0.215:::::::*
cpe:2.3:a:skype:skype:4.0.0.216:::::::*
cpe:2.3:a:skype:skype:4.0.0.224:::::::*
cpe:2.3:a:skype:skype:4.0.0.226:::::::*
cpe:2.3:a:skype:skype:4.0.0.227:::::::*
cpe:2.3:a:skype:skype:4.1.0.130:::::::*
cpe:2.3:a:skype:skype:4.1.0.130:beta::::::
cpe:2.3:a:skype:skype:4.1.0.136:::::::*
cpe:2.3:a:skype:skype:4.1.0.141:::::::*
cpe:2.3:a:skype:skype:4.1.0.166:::::::*
cpe:2.3:a:skype:skype:4.1.0.179:::::::*
cpe:2.3:a:skype:skype:4.2.0.141:beta::::::
cpe:2.3:a:skype:skype:4.2.0.152:::::::*
cpe:2.3:a:skype:skype:4.2.0.155:::::::*
cpe:2.3:a:skype:skype:4.2.0.158:::::::*
cpe:2.3:a:skype:skype:4.2.0.163:::::::*
cpe:2.3:a:skype:skype:4.2.0.166:::::::*

No data.

References

Link	Providers
http://www.exploit-db.com/exploits/14766
https://exchange.xforce.ibmcloud.com/vulnerabilities/64577
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11833

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2010-08-26T18:00:00

Updated: 2024-08-07T02:55:46.784Z

Reserved: 2010-08-26T00:00:00

Link: CVE-2010-3136

Vulnrichment

No data.

NVD

Status : Modified

Published: 2010-08-26T18:36:36.107

Modified: 2017-09-19T01:31:14.567

Link: CVE-2010-3136

Redhat

No data.

Metrics

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

Metrics

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object