|
|
CVE Reference: CVE-2008-2545 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2008-2545 |
|
|
Description: Skype 3.6.0.248, and other versions before 3.8.0.139, uses a case-sensitive comparison when checking for dangerous extensions, which allows user-assisted remote attackers to bypass warning dialogs and possibly execute arbitrary code via a file: URI with a dangerous extension that uses a different case. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/43044 ST 1020201 SAID Secunia Advisory: SA30547 IDEFENSE http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=711 CONFIRM http://www.skype.com/security/skype-sb-2008-003.html BID 29553 |
|
| Return to the previous page. |
