CVE-2016-5720

Name of the Vulnerable Software and Affected Versions Microsoft Skype (affected versions not specified)

Description The issue concerns multiple untrusted search path vulnerabilities in Microsoft Skype, allowing local users to execute arbitrary code and conduct DLL hijacking attacks. This can be achieved via a Trojan horse that utilizes certain DLL files, specifically msi.dll, dpapi.dll, or cryptui.dll, located in the current working directory.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.