Buffer overflow in the handling of command line arguments in Skype 1.0.x.94 through 1.0.x.98 allows remote attackers to execute arbitrary code via a callto:// URL with a long non-existent username, a different vulnerability than CVE-2004-1777.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| skype_technologies | skype | 1.0.0.94 |
| skype_technologies | skype | 1.0.0.10 |
| skype_technologies | skype | 1.0.0.29 |
| skype_technologies | skype | 1.0.0.9 |
| skype_technologies | skype | 1.0.0.18 |
| skype_technologies | skype | 1.0.0.97 |
A "range check error" in Skype for Windows before 0.98.0.28 allows local and remote attackers to cause a denial of service (application crash) via long command line arguments or a long callto:// URL, a different vulnerability than CVE-2004-1114.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| skype_technologies | skype | 0.98.0.04 |
| skype_technologies | skype | * |
Skype for Windows 1.2.0.0 to 1.2.0.46 allows local users to bypass the identity check for an authorized application, then call arbitrary Skype API functions by modifying or replacing that application.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| skype_technologies | skype | 1.2.0.46 |
| skype_technologies | skype | 1.2.0.37 |
| skype_technologies | skype | 1.2.0.0 |
| skype_technologies | skype | 1.2.0.41 |
Skype 1.1.0.20 and earlier allows local users to overwrite arbitrary files via a symlink attack on the skype_profile.jpg temporary file.
CVSS 2.0
Severity: LOW
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| skype_technologies | skype | * |
Buffer overflow in Skype for Windows 1.1.x.0 through 1.4.x.83 allows remote attackers to execute arbitrary code via (1) callto:// and (2) skype:// links, or (3) a non-standard VCARD, possibly due to an underlying error in the SysUtils.WideFmtStr Delphi routine.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| skype_technologies | skype | 1.2.0.46 |
| skype_technologies | skype | 1.2.0.37 |
| skype_technologies | skype | 1.1.0.79 |
| skype_technologies | skype | 1.3.0.55 |
| skype_technologies | skype | 1.3.0.66 |
| skype_technologies | skype | 1.3.0.60 |
| skype_technologies | skype | 1.2.0.41 |
| skype_technologies | skype | 1.3.0.54 |
| skype_technologies | skype | 1.4.0.83 |
| skype_technologies | skype | 1.3.0.51 |
| skype_technologies | skype | 1.4.0.71 |
| skype_technologies | skype | 1.3.0.48 |
| skype_technologies | skype | 1.4.0.78 |
| skype_technologies | skype | 1.3.0.45 |
| skype_technologies | skype | 1.1.0.73 |
| skype_technologies | skype | 1.2.0.0 |
| skype_technologies | skype | 1.1.0.61 |
| skype_technologies | skype | 1.3.0.57 |
Integer overflow in Skype client before 1.4.x.84 on Windows, before 1.3.x.17 on Mac OS, before 1.2.x.18 on Linux, and 1.1.x.6 and earlier allows remote attackers to cause a denial of service (crash) via crafted network data with a large Object Counter value, which leads to a resultant heap-based buffer overflow.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-189,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| skype_technologies | skype | 1.0.0.94 |
| skype_technologies | skype | 1.1.06 |
| skype_technologies | skype | 1.0.0.10 |
| skype_technologies | skype | 0.92.0.12 |
| skype_technologies | skype | 1.0.0.100 |
| skype_technologies | skype | 1.0.0.29 |
| skype_technologies | skype | 0.93.0.3 |
| skype_technologies | skype | 1.1.0.0 |
| skype_technologies | skype | 1.2.0.17 |
| skype_technologies | skype | 1.0.0.9 |
| skype_technologies | skype | 1.0.0.18 |
| skype_technologies | skype | 1.4.0.83 |
| skype_technologies | skype | 1.0.0.97 |
| skype_technologies | skype | 1.0.0.1 |
| skype_technologies | skype | 1.3.0.16 |
| skype_technologies | skype | 0.98.0.04 |
| skype_technologies | skype | 1.1.0.20 |
| skype_technologies | skype | 1.0.0.7 |