|CVSS SCORE||7.5, (AV:N/AC:L/Au:N/C:P/I:P/A:P)|
The specific flaw exists within the handling of .skype files. By providing a crafted file, an attacker is able to load an arbitrary DLL. This allows an attacker to execute arbitrary code in the context of the process.
Microsoft has issued an update to correct this vulnerability. More details can be found at: