Unspecified vulnerability in the skype4com URI handler in Skype before 3.6 GOLD allows remote attackers to execute arbitrary code via "short string values" that result in heap corruption.
http://secunia.com/advisories/27934
http://securityreason.com/securityalert/3440
http://securitytracker.com/id?1019056
http://www.securityfocus.com/archive/1/484703/100/0/threaded
http://www.securityfocus.com/bid/26748
OR
cpe:2.3:a:skype_technologies:skype:0.98.0.04:*:*:*:*:*:*:*
cpe:2.3:a:skype_technologies:skype:1.0.0.9:*:*:*:*:*:*:*
cpe:2.3:a:skype_technologies:skype:1.0.0.10:*:*:*:*:*:*:*
cpe:2.3:a:skype_technologies:skype:1.0.0.18:*:*:*:*:*:*:*
cpe:2.3:a:skype_technologies:skype:1.0.0.29:*:*:*:*:*:*:*
cpe:2.3:a:skype_technologies:skype:1.0.0.94:*:*:*:*:*:*:*
cpe:2.3:a:skype_technologies:skype:1.0.0.97:*:*:*:*:*:*:*
cpe:2.3:a:skype_technologies:skype:1.0.0.100:*:*:*:*:*:*:*
cpe:2.3:a:skype_technologies:skype:1.1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:skype_technologies:skype:1.4.0.83:*:*:*:*:*:*:*
cpe:2.3:a:skype_technologies:skype:1.5.0.79:*:*:*:*:*:*:*
cpe:2.3:a:skype_technologies:skype:1.5.80:*:*:*:*:*:*:*
cpe:2.3:a:skype_technologies:skype:2.0:*:*:*:*:*:*:*
cpe:2.3:a:skype_technologies:skype:2.0.104:*:*:*:*:*:*:*
cpe:2.3:a:skype_technologies:skype:2.0.105:*:*:*:*:*:*:*
cpe:2.3:a:skype_technologies:skype:2.5:*:*:*:*:*:*:*
ID | Name | Product | Family | Severity |
---|---|---|---|---|
4310 | Skype Technologies < 3.6.0.216 skype4com URI Handler Remote Heap Corruption | Nessus Network Monitor | Internet Messengers | medium |
29250 | Skype skype4com URI Handler Remote Heap Corruption (uncredentialed check) | Nessus | Windows | high |