Download
| Alert*
oval:org.secpod.oval:def:9520
The host is installed with Skype before 4.1.0.179 on Windows and is prone to unspecified vulnerability. A flaw is present in the application, which fails to handle an unspecified error in the Extras Manager component. Successful exploitation has unknown impact and attack vectors. oval:org.secpod.oval:def:9521 The host is installed with Skype extension BETA 2.2.0.95 for Firefox and is prone to arbitrary code injection vulnerability. A flaw is present in the application, which fails to handle the skype_tool.copy_num method. Successful exploitation could allow remote attackers to write arbitrary data to the ... oval:org.secpod.oval:def:9522 The host is installed with Skype before 3.8.0.139 and is prone to remote code-execution vulnerability. A flaw is present in the application, which fails to handle URI with a dangerous extension that uses a different case. Successful exploitation could allow user-assisted remote attackers to bypass w ... oval:org.secpod.oval:def:9523 The host is installed with Skype before 3.8.0.139 and is prone to incomplete blacklist vulnerability. A flaw is present in the application, which fails to handle a file: URI that ends in an executable extension that is not covered by the blacklist. Successful exploitation could allow user-assisted r ... oval:org.secpod.oval:def:9524 The host is installed with Skype 3.5.x, 3.6.0.244 or earlier 3.6.x versions on Windows and is prone to cross-zone scripting vulnerability. A flaw is present in the application, which fails to handle the Metacafe Pro to the Skype video gallery. Successful exploitation could allow user-assisted remote ... oval:org.secpod.oval:def:9525 The host is installed with Skype 3.1 through 3.6.0.244 on Windows and is prone to cross-zone scripting vulnerability. A flaw is present in the application, which fails to handle the Local Machine Zone. Successful exploitation could allow remote attackers to inject arbitrary web script or HTML in the ... oval:org.secpod.oval:def:9526 The host is installed with Skype 3.5.x, 3.6.0.244 or earlier 3.6.x versions on Windows and is prone to cross-zone scripting vulnerability. A flaw is present in the application, which fails to handle the Local Machine Zone via the Title field in the Skype video gallery. Successful exploitation could ... oval:org.secpod.oval:def:39742 The host is installed with Skype 7.16.0.102 and is prone to a dll hijacking vulnerability. A flaw is present in the application, which fails to handle DLL (api-ms-win-core-winrt-string-l1-1-0.dll) loading by the Skype.exe process. Successful exploitation could allow allow an unauthenticated, remote ... oval:org.mitre.oval:def:11833 Untrusted search path vulnerability in Skype 4.2.0.169 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wab32.dll that is located in the same folder as a .skype file. oval:org.secpod.oval:def:38847 The host is installed with Skype before 7.30.80.103 and is prone to multiple untrusted search path vulnerabilities. The flaws are present in the application, which fails to handle a Trojan horse (1) msi.dll, (2) dpapi.dll, or (3) cryptui.dll that is located in the current working directory. Successf ... oval:org.mitre.oval:def:11875 Skype (32-bit) is installed oval:org.secpod.oval:def:41152 The host is installed with Skype 7.2, 7.35, 7.36 before 7.37 and is prone to a stack buffer overflow vulnerability. The flaws are present in the MSFTEDIT.DLL file, which fails to handle a remote RDP clipboard content within the message box. Successful exploitation could allow local users to have uns ... |