Required CVE Record Information
Description
Buffer overflow in the handling of command line arguments in Skype 1.0.x.94 through 1.0.x.98 allows remote attackers to execute arbitrary code via a callto:// URL with a long non-existent username, a different vulnerability than CVE-2004-1777.
References 9 Total
- http://www.skype.com/products/skype/windows/changelog.html
- http://www.skype.com/security/ssa-2004-02.html
- lists.grok.org.uk: 20041116 Skype callto:// BoF technical details mailing-list
- marc.info: 20041116 Skype callto:// BoF technical details mailing-list
- marc.info: 20041115 Re: Skype callto:// BoF technical details mailing-list
- securityfocus.com: 11682 vdb-entry
- osvdb.org: 11786 vdb-entry
- exchange.xforce.ibmcloud.com: skype-callto-uri-bo(18063) vdb-entry
- secunia.com: 13191 third-party-advisory
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 9 Total
- http://www.skype.com/products/skype/windows/changelog.html x_transferred
- http://www.skype.com/security/ssa-2004-02.html x_transferred
- lists.grok.org.uk: 20041116 Skype callto:// BoF technical details mailing-listx_transferred
- marc.info: 20041116 Skype callto:// BoF technical details mailing-listx_transferred
- marc.info: 20041115 Re: Skype callto:// BoF technical details mailing-listx_transferred
- securityfocus.com: 11682 vdb-entryx_transferred
- osvdb.org: 11786 vdb-entryx_transferred
- exchange.xforce.ibmcloud.com: skype-callto-uri-bo(18063) vdb-entryx_transferred
- secunia.com: 13191 third-party-advisoryx_transferred