Vulnerability Details CVE-2006-2312
Argument injection vulnerability in the URI handler in Skype 2.0.*.104 and 2.5.*.0 through 2.5.*.78 for Windows allows remote authorized attackers to download arbitrary files via a URL that contains certain command-line switches.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.045
EPSS Ranking 88.4%
CVSS Severity
CVSS v2 Score 2.6
References
- http://archives.neohapsis.com/archives/fulldisclosure/2006-05/0549.html
- http://secunia.com/advisories/20154
- http://www.kb.cert.org/vuls/id/466428
- http://www.osvdb.org/25658
- http://www.securityfocus.com/archive/1/434707/30/4860/threaded
- http://www.securityfocus.com/bid/18038
- http://www.skype.com/security/skype-sb-2006-001.html
- http://www.vupen.com/english/advisories/2006/1871
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26557
- http://archives.neohapsis.com/archives/fulldisclosure/2006-05/0549.html
- http://secunia.com/advisories/20154
- http://www.kb.cert.org/vuls/id/466428
- http://www.osvdb.org/25658
- http://www.securityfocus.com/archive/1/434707/30/4860/threaded
- http://www.securityfocus.com/bid/18038
- http://www.skype.com/security/skype-sb-2006-001.html
- http://www.vupen.com/english/advisories/2006/1871
- https://exchange.xforce.ibmcloud.com/vulnerabilities/26557
Products affected by CVE-2006-2312
-
cpe:2.3:a:skype:skype:-
-
cpe:2.3:a:skype:skype:0.90.0.10
-
cpe:2.3:a:skype:skype:0.90.0.5
-
cpe:2.3:a:skype:skype:0.91.0.2
-
cpe:2.3:a:skype:skype:0.92.0.4
-
cpe:2.3:a:skype:skype:0.93.0.18
-
cpe:2.3:a:skype:skype:0.93.1.1
-
cpe:2.3:a:skype:skype:0.94.0.19
-
cpe:2.3:a:skype:skype:0.94.0.28
-
cpe:2.3:a:skype:skype:0.95.0.11
-
cpe:2.3:a:skype:skype:0.95.0.25
-
cpe:2.3:a:skype:skype:0.95.0.36
-
cpe:2.3:a:skype:skype:0.95.0.40
-
cpe:2.3:a:skype:skype:0.96.0.1
-
cpe:2.3:a:skype:skype:0.96.0.3
-
cpe:2.3:a:skype:skype:0.97.0.1
-
cpe:2.3:a:skype:skype:0.97.0.3
-
cpe:2.3:a:skype:skype:0.97.0.40
-
cpe:2.3:a:skype:skype:0.97.0.6
-
cpe:2.3:a:skype:skype:0.98.0.04
-
cpe:2.3:a:skype:skype:0.98.0.28
-
cpe:2.3:a:skype:skype:0.98.0.42
-
cpe:2.3:a:skype:skype:0.98.0.6
-
cpe:2.3:a:skype:skype:0.98.0.68
-
cpe:2.3:a:skype:skype:1.0.0.10
-
cpe:2.3:a:skype:skype:1.0.0.100
-
cpe:2.3:a:skype:skype:1.0.0.106
-
cpe:2.3:a:skype:skype:1.0.0.18
-
cpe:2.3:a:skype:skype:1.0.0.29
-
cpe:2.3:a:skype:skype:1.0.0.9
-
cpe:2.3:a:skype:skype:1.0.0.94
-
cpe:2.3:a:skype:skype:1.0.0.97
-
cpe:2.3:a:skype:skype:1.1.0.6
-
cpe:2.3:a:skype:skype:1.1.0.73
-
cpe:2.3:a:skype:skype:1.1.0.79
-
cpe:2.3:a:skype:skype:1.2.0.37
-
cpe:2.3:a:skype:skype:1.2.0.41
-
cpe:2.3:a:skype:skype:1.2.0.48
-
cpe:2.3:a:skype:skype:1.3.0.45
-
cpe:2.3:a:skype:skype:1.3.0.48
-
cpe:2.3:a:skype:skype:1.3.0.51
-
cpe:2.3:a:skype:skype:1.3.0.54
-
cpe:2.3:a:skype:skype:1.3.0.55
-
cpe:2.3:a:skype:skype:1.3.0.57
-
cpe:2.3:a:skype:skype:1.3.0.60
-
cpe:2.3:a:skype:skype:1.3.0.66
-
cpe:2.3:a:skype:skype:1.4.0.71
-
cpe:2.3:a:skype:skype:1.4.0.78
-
cpe:2.3:a:skype:skype:1.4.0.84
-
cpe:2.3:a:skype:skype:2.0.0.103
-
cpe:2.3:a:skype:skype:2.0.0.69
-
cpe:2.3:a:skype:skype:2.0.0.73
-
cpe:2.3:a:skype:skype:2.0.0.79
-
cpe:2.3:a:skype:skype:2.0.0.81
-
cpe:2.3:a:skype:skype:2.0.0.90
-
cpe:2.3:a:skype:skype:2.0.0.97
-
cpe:2.3:a:skype:skype:2.5.0.72
-
cpe:2.3:o:microsoft:windows:-
-
cpe:2.3:o:microsoft:windows:1.0
-
cpe:2.3:o:microsoft:windows:2.0
-
cpe:2.3:o:microsoft:windows:2000
-
cpe:2.3:o:microsoft:windows:3.0
-
cpe:2.3:o:microsoft:windows:3.1
-
cpe:2.3:o:microsoft:windows:3.11
-
cpe:2.3:o:microsoft:windows:server_2008
-
cpe:2.3:o:microsoft:windows:vista