Skype file: URI Handling Security Bypass Arbitrary Code Execution (uncredentialed check)

high Nessus Plugin ID 33125

Synopsis

The remote Skype client is affected by a security policy bypass vulnerability.

Description

The version of Skype installed on the remote host reportedly validates URLs improperly in its 'file:' URI handler: it fails to check for certain dangerous file extensions and checks for others in a case-sensitive manner.

If an attacker can trick a user on the affected host into clicking on a specially crafted 'file:' URI, this issue could be leveraged to execute arbitrary code on the affected system subject to the user's privileges.

Note that this issue only affects Skype for Windows.
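The flaw class described above, shown as an added example (not Skype's code and not part of the Nessus plugin): a case-sensitive, incomplete deny-list beside a normalised allow-list. The extension sets, function names and sample URIs are constructed for illustration.

```python
import os
from urllib.parse import urlsplit, unquote

# Constructed lists for illustration; not the extensions Skype actually checked.
BLOCKED = {".exe", ".bat", ".cmd"}           # incomplete deny-list
ALLOWED = {".txt", ".pdf", ".png", ".jpg"}   # hypothetical allow-list of inert types

# Constructed sample URIs.
SAMPLES = [
    "file:///C:/Users/Public/setup.exe",   # caught by both checks
    "file:///C:/Users/Public/setup.EXE",   # differs from the deny-list only in case
    "file:///C:/Users/Public/tool.scr",    # extension missing from the deny-list
    "file:///C:/Users/Public/notes.TXT",   # inert document type
]


def _extension(uri):
    """Return the raw extension of the path in a file: URI, or None."""
    parts = urlsplit(uri)
    if parts.scheme.lower() != "file":
        return None
    # Decode percent-escapes before looking at the extension.
    return os.path.splitext(unquote(parts.path))[1]


def flawed_is_safe(uri):
    """Deny-list compared case-sensitively: the logic error described above."""
    ext = _extension(uri)
    return ext is not None and ext not in BLOCKED


def hardened_is_safe(uri):
    """Normalise case first, then accept only extensions on the allow-list."""
    ext = _extension(uri)
    return ext is not None and ext.lower() in ALLOWED


def compare(uris=SAMPLES):
    """Map each URI to (flawed verdict, hardened verdict)."""
    return {u: (flawed_is_safe(u), hardened_is_safe(u)) for u in uris}


if __name__ == "__main__":
    for uri, (flawed, hardened) in compare().items():
        print(f"{uri}: flawed={flawed} hardened={hardened}")
```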

Solution

Upgrade to Skype version 3.8.0.139 or later.

See Also

http://www.nessus.org/u?9341c10a

https://www.securityfocus.com/archive/1/493081/30/0/threaded

http://www.skype.com/security/skype-sb-2008-003.html

Plugin Details

Severity: High

ID: 33125

File Name: skype_2008_003.nasl

Version: 1.18

Type: remote

Agent: windows

Family: Windows

Published: 6/6/2008

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 6.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:skype:skype

Required KB Items: Services/skype

Exploit Ease: No known exploits are available

Reference Information

CVE: CVE-2008-1805, CVE-2008-2545

BID: 29553

CWE: 20

SECUNIA: 30547