Skype Technologies: Security Vulnerabilities
Skype 1.1.0.20 and earlier allows local users to overwrite arbitrary files via a symlink attack on the skype_profile.jpg temporary file.
CVSS Score
2.1
EPSS Score
0.001
Published
2005-07-19
Skype for Windows 1.2.0.0 to 1.2.0.46 allows local users to bypass the identity check for an authorized application, then call arbitrary Skype API functions by modifying or replacing that application.
CVSS Score
4.6
EPSS Score
0.001
Published
2005-05-03
Buffer overflow in the handling of command line arguments in Skype 1.0.x.94 through 1.0.x.98 allows remote attackers to execute arbitrary code via a callto:// URL with a long non-existent username, a different vulnerability than CVE-2004-1777.
CVSS Score
9.3
EPSS Score
0.149
Published
2005-01-10
A "range check error" in Skype for Windows before 0.98.0.28 allows local and remote attackers to cause a denial of service (application crash) via long command line arguments or a long callto:// URL, a different vulnerability than CVE-2004-1114.
CVSS Score
5.0
EPSS Score
0.009
Published
2004-12-31
Page 2