cpe:/a:skype_technologies:skype:3.0.0.106:beta cpe:/a:skype_technologies:skype:3.0.0.123:beta cpe:/a:skype_technologies:skype:3.0.0.137:beta cpe:/a:skype_technologies:skype:3.0.0.154:beta cpe:/a:skype_technologies:skype:3.0.0.190 cpe:/a:skype_technologies:skype:3.0.0.198 cpe:/a:skype_technologies:skype:3.0.0.205 cpe:/a:skype_technologies:skype:3.0.0.209 cpe:/a:skype_technologies:skype:3.0.0.214 cpe:/a:skype_technologies:skype:3.0.0.216 cpe:/a:skype_technologies:skype:3.0.0.217 cpe:/a:skype_technologies:skype:3.0.0.218 cpe:/a:skype_technologies:skype:3.1.0.112:beta cpe:/a:skype_technologies:skype:3.1.0.134:beta cpe:/a:skype_technologies:skype:3.1.0.144 cpe:/a:skype_technologies:skype:3.1.0.147 cpe:/a:skype_technologies:skype:3.1.0.150 cpe:/a:skype_technologies:skype:3.1.0.152 cpe:/a:skype_technologies:skype:3.2.0.53:beta cpe:/a:skype_technologies:skype:3.2.0.63:beta cpe:/a:skype_technologies:skype:3.2.0.82:beta cpe:/a:skype_technologies:skype:3.2.0.115:beta cpe:/a:skype_technologies:skype:3.2.0.145 cpe:/a:skype_technologies:skype:3.2.0.148 cpe:/a:skype_technologies:skype:3.2.0.152 cpe:/a:skype_technologies:skype:3.2.0.158 cpe:/a:skype_technologies:skype:3.2.0.163 cpe:/a:skype_technologies:skype:3.2.0.175 cpe:/a:skype_technologies:skype:3.5.0.107:beta cpe:/a:skype_technologies:skype:3.5.0.158:beta cpe:/a:skype_technologies:skype:3.5.0.178:beta cpe:/a:skype_technologies:skype:3.5.0.202 cpe:/a:skype_technologies:skype:3.5.0.214 cpe:/a:skype_technologies:skype:3.5.0.229 cpe:/a:skype_technologies:skype:3.5.0.234 cpe:/a:skype_technologies:skype:3.5.0.239 cpe:/a:skype_technologies:skype:3.6.0.127:beta cpe:/a:skype_technologies:skype:3.6.0.159:beta cpe:/a:skype_technologies:skype:3.6.0.216 cpe:/a:skype_technologies:skype:3.6.0.244 cpe:/a:skype_technologies:skype:3.6.0.248 cpe:/a:skype_technologies:skype:3.8.0.96:beta cpe:/a:skype_technologies:skype:3.8.0.115 CVE-2008-2545 2008-06-06T18:32:00.000-04:00 2017-08-07T21:31:08.403-04:00 9.3 NETWORK MEDIUM NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2008-06-09T12:20:00.000-04:00 ALLOWS_ADMIN_ACCESS SECTRACK 1020201 IDEFENSE 20080604 Skype File URI Security Bypass Code Execution Vulnerability BID 29553 SECUNIA 30547 VUPEN ADV-2008-1749 CONFIRM http://www.skype.com/security/skype-sb-2008-003.html XF skype-fileuri-case-security-bypass(43044) Skype 3.6.0.248, and other versions before 3.8.0.139, uses a case-sensitive comparison when checking for dangerous extensions, which allows user-assisted remote attackers to bypass warning dialogs and possibly execute arbitrary code via a file: URI with a dangerous extension that uses a different case.