Email us! Subscribe to Liquidmatrix!

Skype URI Argument Handling Vulnerability

Author: Dave Lewis
October 5, 2006 at 3:02 am · Filed under VoIP, Vulnerability

From Secunia:

Description:
Tom Ferris has reported a vulnerability in Skype for Mac, which potentially can be exploited by malicious people to compromise a user’s system.

The vulnerability is caused due to a format string error within the handling of URI arguments and can be exploited via a specially crafted Skype URL containing format specifiers.

Successful exploitation may allow execution of arbitrary code.

The vulnerability affects versions 1.5.*.79 and prior.

Solution:
Update to version 1.5.0.80.
http://www.skype.com/download/

Article Link

Tags: , , ,

Tag It:
  • Digg
  • del.icio.us
  • Slashdot
  • Technorati
  • SphereIt
  • StumbleUpon
  • Fark
  • YahooMyWeb
  • Furl
  • Spurl
  • Ma.gnolia
  • NewsVine
Related Articles:

  • Skype URI Handler Vulnerability
  • Mozilla Update Security Advisory
  • Skype Bug May Expose User Data
  • Skype Cross-Zone Scripting Security Enhancement
  • Critical Firefox Security Flaw Discovered

    • Leave a Comment