Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the wp-pagenavi domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/u918112125/domains/exploit.company/public_html/wp-includes/functions.php on line 6114
Skype Remote Format String Vulnerability - exploit.company
header-logo
Suggest Exploit
vendor:
Skype
by:
9
CVSS
CRITICAL
Remote Code Execution
134
CWE
Product Name: Skype
Affected Version From: Skype 1.5.0.79
Affected Version To: Skype 1.5.0.79
Patch Exists: NO
Related CWE:
CPE: a:skype:skype:1.5.0.79
Metasploit:
Other Scripts:
Platforms Tested: Apple Mac OS X

Skype Remote Format String Vulnerability

Skype is prone to a remote format-string vulnerability because the application fails to properly sanitize user-supplied input before using it in the format-specification argument of a formatted-printing function. Exploiting this issue allows remote attackers to execute arbitrary machine code in the context of the affected application, potentially facilitating the remote compromise of affected computers.

Mitigation:

Apply patches and updates from the vendor.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/20218/info

Skype is prone to a remote format-string vulnerability because the application fails to properly sanitize user-supplied input before using it in the format-specification argument of a formatted-printing function.

Exploiting this issue allows remote attackers to execute arbitrary machine code in the context of the affected application, potentially facilitating the remote compromise of affected computers.

Skype 1.5.0.79 and prior versions for Apple Mac OS X are vulnerable to this issue.

IFRAME SRC=skype:%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n

Navigation

Suggest Exploit

Services By CQR