CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2016-5720

Multiple untrusted search path vulnerabilities in Microsoft Skype allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) msi.dll, (2) dpapi.dll, or (3) cryptui.dll that is located in the current working directory.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.011

EPSS Ranking 76.7%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 7.2

References

http://seclists.org/fulldisclosure/2016/Sep/65
http://www.securityfocus.com/bid/95859
http://seclists.org/fulldisclosure/2016/Sep/65
http://www.securityfocus.com/bid/95859

Products affected by CVE-2016-5720

Microsoft » Skype » Version: N/A

cpe:2.3:a:microsoft:skype:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-5720

Products

Pricing

Contact Us