CVE-2006-2312 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2006-2312
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-2312

Description: Argument injection vulnerability in the URI handler in Skype 2.0..104 and 2.5..0 through 2.5.*.78 for Windows allows remote authorized attackers to download arbitrary files via a URL that contains certain command-line switches.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/26557 SAID Secunia Advisory: SA20154 OSVDB 25658 FULLDISC http://archives.neohapsis.com/archives/fulldisclosure/2006-05/0549.html CONFIRM http://www.skype.com/security/skype-sb-2006-001.html CERT-VN 466428 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/434707/30/4860/threaded BID 18038

Return to the previous page.