Описание
Unspecified vulnerability in the skype4com URI handler in Skype before 3.6 GOLD allows remote attackers to execute arbitrary code via "short string values" that result in heap corruption.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:skype_technologies:skype:0.98.0.04:*:*:*:*:*:*:*
cpe:2.3:a:skype_technologies:skype:1.0.0.9:*:*:*:*:*:*:*
cpe:2.3:a:skype_technologies:skype:1.0.0.10:*:*:*:*:*:*:*
cpe:2.3:a:skype_technologies:skype:1.0.0.18:*:*:*:*:*:*:*
cpe:2.3:a:skype_technologies:skype:1.0.0.29:*:*:*:*:*:*:*
cpe:2.3:a:skype_technologies:skype:1.0.0.94:*:*:*:*:*:*:*
cpe:2.3:a:skype_technologies:skype:1.0.0.97:*:*:*:*:*:*:*
cpe:2.3:a:skype_technologies:skype:1.0.0.100:*:*:*:*:*:*:*
cpe:2.3:a:skype_technologies:skype:1.1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:skype_technologies:skype:1.4.0.83:*:*:*:*:*:*:*
cpe:2.3:a:skype_technologies:skype:1.5.0.79:*:*:*:*:*:*:*
cpe:2.3:a:skype_technologies:skype:1.5.80:*:*:*:*:*:*:*
cpe:2.3:a:skype_technologies:skype:2.0:*:*:*:*:*:*:*
cpe:2.3:a:skype_technologies:skype:2.0.104:*:*:*:*:*:*:*
cpe:2.3:a:skype_technologies:skype:2.0.105:*:*:*:*:*:*:*
cpe:2.3:a:skype_technologies:skype:2.5:*:*:*:*:*:*:*
cpe:2.3:a:skype_technologies:skype:2.5.78:*:*:*:*:*:*:*
cpe:2.3:a:skype_technologies:skype:2.5.79:*:*:*:*:*:*:*
EPSS
Процентиль: 92%
0.0774
Низкий
6.8 Medium
CVSS2
Дефекты
CWE-119
Связанные уязвимости
github
почти 4 года назад
Unspecified vulnerability in the skype4com URI handler in Skype before 3.6 GOLD allows remote attackers to execute arbitrary code via "short string values" that result in heap corruption.
EPSS
Процентиль: 92%
0.0774
Низкий
6.8 Medium
CVSS2
Дефекты
CWE-119