CVE-2018-0595

Description

Untrusted search path vulnerability in the installer of Skype for Windows allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

Risk Information

Base Score

7.8

MODERATE

Vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS Score

Exploitation Probability

4.844

Associated Vulnerability

Vulnerability	OS Platform
Multiple vulnerabilities affected in Skype 7.36	Windows
Multiple vulnerabilities affected in Skype 7.36 (For Ubuntu)	Linux
Multiple vulnerabilities affected in Skype 7.36 (For Debian)	Linux
Multiple vulnerabilities affected in Skype 7.36 (For Centos)	Linux
Multiple vulnerabilities affected in Skype 7.36 (For RedHat)	Linux
Multiple vulnerabilities affected in Skype 7.36 (For Suse)	Linux

Patch Details

Click to see the patches provided by ManageEngine for this CVE

Patch ID	Patch Description
PATCH-343283	Skype (8.133.0.202) (Manual Upload Required)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234