Описание
Buffer overflow in Skype for Windows 1.1.x.0 through 1.4.x.83 allows remote attackers to execute arbitrary code via (1) callto:// and (2) skype:// links, or (3) a non-standard VCARD, possibly due to an underlying error in the SysUtils.WideFmtStr Delphi routine.
Buffer overflow in Skype for Windows 1.1.x.0 through 1.4.x.83 allows remote attackers to execute arbitrary code via (1) callto:// and (2) skype:// links, or (3) a non-standard VCARD, possibly due to an underlying error in the SysUtils.WideFmtStr Delphi routine.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2005-3265
- https://exchange.xforce.ibmcloud.com/vulnerabilities/22848
- http://secunia.com/advisories/17305
- http://skype.com/security/skype-sb-2005-02.html
- http://www.kb.cert.org/vuls/id/668193
- http://www.kb.cert.org/vuls/id/930345
- http://www.pentest.co.uk/documents/ptl-2005-01.html
- http://www.securityfocus.com/bid/15190
- http://www.vupen.com/english/advisories/2005/2197
Связанные уязвимости
Buffer overflow in Skype for Windows 1.1.x.0 through 1.4.x.83 allows remote attackers to execute arbitrary code via (1) callto:// and (2) skype:// links, or (3) a non-standard VCARD, possibly due to an underlying error in the SysUtils.WideFmtStr Delphi routine.