What is CVE-2016-5720?

CVE-2016-5720 is a high-severity vulnerability in Microsoft Skype, classified under CWE-264. CVSS score: 7.8/10. Published 2017-01-23.

How severe is CVE-2016-5720?

High severity. CVSS v3 base score is 7.8 out of 10.

Vulnerability in Microsoft Skype

CVE-2016-5720

Multiple untrusted search path vulnerabilities in Microsoft Skype allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) msi.dll, (2) dpapi.dll, or (3) cryptui.dll that is located in the curren…

EPSS: 0.010 (77.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.8 (High). Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.

Affected products

Microsoft Skype
N/a — versions n/a

Weakness classification (CWE)

CWE-264

References

cve@mitre.org (mailing-list, x_refsource_FULLDISC, Mailing List, Third Party Advisory)
cve@mitre.org (vdb-entry, x_refsource_BID)

Frequently asked questions

What is CVE-2016-5720?: CVE-2016-5720 is a high-severity vulnerability in Microsoft Skype, classified under CWE-264. CVSS score: 7.8/10. Published 2017-01-23.
How severe is CVE-2016-5720?: High severity. CVSS v3 base score is 7.8 out of 10.