This script is Copyright (C) 2006-2016 Tenable Network Security, Inc.
Arbitrary code can be executed on the remote host.
The remote host is running Skype, a peer-to-peer voice over IP
The remote version of this software is vulnerable to a heap overflow
in the handling of its data structures. An attacker can exploit this
flaw by sending a specially crafted network packet to UDP or TCP ports
Skype is listening on. A successful exploitation of this flaw will
result in code execution on the remote host.
In addition, Skype has been reported to contain overflows in the
handling of VCards and callto/skype URLs. However, Nessus has not
checked for them.
See also :
Upgrade to skype version 18.104.22.168 or later.
Risk factor :
Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 7.4
Public Exploit Available : true