Skype Web Content Zone Multiple Field Remote Code Execution (uncredentialed check)

High Nessus Plugin ID 30206


The remote Skype client is affected by a remote code execution issue through the web handler.


The version of Skype installed on the remote host reportedly may allow a remote attacker to execute arbitrary code by enticing the user to retrieve specially crafted we content through the skype interface.


Upgrade to Skype release or later.

See Also

Plugin Details

Severity: High

ID: 30206

File Name: skype_2008_001.nasl

Version: $Revision: 1.15 $

Type: remote

Agent: windows

Family: Windows

Published: 2008/02/07

Modified: 2016/12/14

Dependencies: 10785, 21208

Risk Information

Risk Factor: High


Base Score: 7.6

Temporal Score: 6.3

Vector: CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:skype:skype

Required KB Items: Services/skype

Exploit Available: true

Exploit Ease: Exploits are available

Reference Information

CVE: CVE-2008-0454, CVE-2008-0582, CVE-2008-0583

BID: 27338

OSVDB: 42863, 42864, 42865, 42868

CWE: 79, 94