CVE-2010-3136

Name of the Vulnerable Software and Affected Versions Skype versions 4.2.0.169 and earlier

Description The issue allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wab32.dll that is located in the same folder as a .skype file.

Recommendations For Skype versions 4.2.0.169 and earlier, update to a version later than 4.2.0.169 to resolve the issue. As a temporary workaround, consider restricting access to the wab32.dll file to minimize the risk of exploitation. Avoid using .skype files from untrusted sources until the issue is resolved.