Описание
Skype 0.92.0.12 and 1.0.0.1 for Linux, and possibly other versions, creates the /usr/share/skype/lang directory with world-writable permissions, which allows local users to modify language files and possibly conduct social engineering or other attacks.
Ссылки
- Issue TrackingMailing ListThird Party Advisory
- Issue TrackingMailing ListThird Party Advisory
- Broken LinkThird Party AdvisoryVDB EntryVendor Advisory
- Third Party AdvisoryVDB Entry
- Issue TrackingMailing ListThird Party Advisory
- Issue TrackingMailing ListThird Party Advisory
- Broken LinkThird Party AdvisoryVDB EntryVendor Advisory
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:skype:skype:0.92.0.12:*:*:*:*:*:*:*
cpe:2.3:a:skype:skype:1.0.0.1:*:*:*:*:*:*:*
EPSS
Процентиль: 19%
0.0006
Низкий
4.6 Medium
CVSS2
Дефекты
CWE-276
Связанные уязвимости
github
больше 3 лет назад
Skype 0.92.0.12 and 1.0.0.1 for Linux, and possibly other versions, creates the /usr/share/skype/lang directory with world-writable permissions, which allows local users to modify language files and possibly conduct social engineering or other attacks.
EPSS
Процентиль: 19%
0.0006
Низкий
4.6 Medium
CVSS2
Дефекты
CWE-276