Skype file: URI Handling Security Bypass Arbitrary Code Execution (uncredentialed check)
High Nessus Plugin ID 33125
Synopsis
The remote Skype client is affected by a security policy bypass vulnerability.
Description
The version of Skype installed on the remote host reportedly uses flawed validation logic in its 'file:' URI handler: it fails to check for certain dangerous file extensions at all, and checks the others in a case-sensitive manner, so a different-case extension slips past the check.
If an attacker can trick a user on the affected host into clicking on a specially crafted 'file:' URI, this issue could be leveraged to execute arbitrary code on the affected system subject to the user's privileges.
Note this only affects Skype for Windows.
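To make the two weaknesses in the description concrete, the following added example (not Nessus or Skype code; all names, lists and sample URIs are constructed for illustration) shows a toy 'file:' URI extension check with a short, case-sensitively compared denylist next to a hardened check that lowercases the extension and uses an allowlist instead. The sample URIs are constructed; the hypothetical allowlist assumes the client only ever needs to open plain documents and images from a URI.

```python
"""Added example: denylist-based vs allowlist-based 'file:' URI extension checks.

Not code from Nessus or Skype. Demonstrates why a case-sensitive, incomplete
denylist is bypassable and how a normalised allowlist closes both gaps.
"""
from urllib.parse import unquote, urlparse
import posixpath

# Constructed denylist: deliberately short and compared case-sensitively,
# mirroring the two defects the advisory describes.
WEAK_DENYLIST = {".exe", ".bat", ".cmd"}

# Constructed allowlist for the hardened check (assumption: the client only
# needs to open plain documents and images via a 'file:' URI).
SAFE_ALLOWLIST = {".txt", ".pdf", ".png", ".jpg", ".jpeg", ".gif"}


def _extension_of(uri: str) -> str:
    """Return the raw (un-normalised) extension of the URI's path component."""
    path = unquote(urlparse(uri).path)
    return posixpath.splitext(path)[1]


def weak_is_allowed(uri: str) -> bool:
    """Flawed check: raw extension compared as-is against a short denylist.

    Anything not literally in WEAK_DENYLIST passes, so both a different-case
    extension and an executable type missing from the list are accepted.
    """
    return _extension_of(uri) not in WEAK_DENYLIST


def hardened_is_allowed(uri: str) -> bool:
    """Hardened check: require the file: scheme, normalise case, use an allowlist."""
    parsed = urlparse(uri)
    if parsed.scheme.lower() != "file":
        return False
    path = unquote(parsed.path)
    ext = posixpath.splitext(path)[1].lower()  # case-insensitive comparison
    return ext in SAFE_ALLOWLIST  # unknown or unlisted types are rejected


# Constructed sample URIs exercising the two bypass classes and a benign case.
SAMPLE_URIS = [
    "file:///C:/Users/Public/setup.exe",   # listed, exact case: both checks block
    "file:///C:/Users/Public/setup.EXE",   # case variant: weak check passes it
    "file:///C:/Users/Public/viewer.scr",  # executable type absent from denylist
    "file:///C:/Users/Public/notes.txt",   # benign document
    "http://example.invalid/notes.txt",    # wrong scheme for a file: handler
]


def compare(uris=SAMPLE_URIS) -> dict:
    """Map each URI to (weak_result, hardened_result) for side-by-side review."""
    return {u: (weak_is_allowed(u), hardened_is_allowed(u)) for u in uris}


if __name__ == "__main__":
    for uri, (weak, hard) in compare().items():
        print(f"{uri:40}  weak={weak!s:5}  hardened={hard!s:5}")
```

The point of the side-by-side output is that a denylist can only ever be as good as its author's list of bad extensions and their spellings, whereas the allowlist version fails closed: the case variant and the unlisted executable type are both rejected without the check needing to know about them.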
Solution
Upgrade to Skype version 188.8.131.52 or later.