Skype for Consumer Remote Code Execution Vulnerability
CVSS Score
8.8
EPSS Score
0.037
Published
2024-03-12
Unspecified vulnerability in the client in Skype 5.x before 5.1.0.922 on Mac OS X allows remote authenticated users to execute arbitrary code or cause a denial of service (application crash) via a crafted message.
CVSS Score
8.5
EPSS Score
0.048
Published
2011-05-10
Untrusted search path vulnerability in Skype 4.2.0.169 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse wab32.dll that is located in the same folder as a .skype file.
CVSS Score
9.3
EPSS Score
0.046
Published
2010-08-26
Unspecified vulnerability in the Extras Manager before 2.0.0.67 in Skype before 4.1.0.179 on Windows has unknown impact and attack vectors.
CVSS Score
10.0
EPSS Score
0.004
Published
2010-03-26
Argument injection vulnerability in the URI handler in Skype 2.0.*.104 and 2.5.*.0 through 2.5.*.78 for Windows allows remote authorized attackers to download arbitrary files via a URL that contains certain command-line switches.
CVSS Score
2.6
EPSS Score
0.045
Published
2006-05-19
Skype 0.92.0.12 and 1.0.0.1 for Linux, and possibly other versions, creates the /usr/share/skype/lang directory with world-writable permissions, which allows local users to modify language files and possibly conduct social engineering or other attacks.
CVSS Score
4.6
EPSS Score
0.001
Published
2004-12-22