Skype URI Handling Arbitrary File Download (uncredentialed check)

Low Nessus Plugin ID 21576


The remote Skype client is affected by an information disclosure issue.


The version of Skype installed on the remote host reportedly may allow a remote attacker to initiate a file transfer to another Skype user by means of a specially crafted Skype URL.


Upgrade to Skype release 2.0.*.105 / 2.5.*.79 or later.

See Also

Plugin Details

Severity: Low

ID: 21576

File Name: skype_2006_001.nasl

Version: $Revision: 1.17 $

Type: remote

Agent: windows

Family: Windows

Published: 2006/05/19

Modified: 2012/02/09

Dependencies: 21208, 10785

Risk Information

Risk Factor: Low


Base Score: 2.6

Temporal Score: 2.5

Vector: CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N

Temporal Vector: CVSS2#E:F/RL:U/RC:C

Vulnerability Information

CPE: cpe:/a:skype:skype

Required KB Items: Services/skype

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 2006/05/19

Reference Information

CVE: CVE-2006-2312

BID: 18038

OSVDB: 25658