CVE-2010-3136

Skype < 4.2.0.169 - Unauthenticated Remote Code Execution via DLL Hijacking

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2010-3136. PoCs published by Glafkos Charalambous.

AI-analyzed exploit summary This exploit demonstrates DLL hijacking in Skype <= 4.2.0.169 by placing a malicious wab32.dll in a directory Skype searches for DLLs. The PoC displays a message box upon execution, confirming the hijack.

Description

Untrusted search path vulnerability in Skype 4.2.0.169 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wab32.dll that is located in the same folder as a .skype file.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Glafkos Charalambous · clocalwindows
https://www.exploit-db.com/exploits/14766

This exploit demonstrates DLL hijacking in Skype <= 4.2.0.169 by placing a malicious wab32.dll in a directory Skype searches for DLLs. The PoC displays a message box upon execution, confirming the hijack.

Classification
Working Poc 90%
Attack Type
Lpe
Complexity
Trivial
Reliability
Reliable
Target: Skype <= 4.2.0.169
No auth needed
Prerequisites: Ability to place a malicious DLL in a directory Skype searches for DLLs (e.g., %commonprogramfiles%\system)
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/64577
Exploit exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/14766
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11833

Scores

EPSS 0.0705
EPSS Percentile 93.3%

Details

Status published
Products (50)
skype/skype 0.90.0.5 beta
skype/skype 0.90.0.10 beta
skype/skype 0.91.0.2 beta
skype/skype 0.92.0.4 beta
skype/skype 0.93.0.18 beta
skype/skype 0.93.1.1 beta
skype/skype 0.94.0.19 beta
skype/skype 0.94.0.28 beta
skype/skype 0.95.0.11 beta
skype/skype 0.95.0.25 beta
... and 40 more
Published Aug 26, 2010
Tracked Since Feb 18, 2026