• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Skype 'file://' URI Handler Bypass Remote Code Execution Vulnerability

Skype is prone to a remote code-execution vulnerability.

An attacker can exploit this issue to execute arbitrary code with the privileges of the user running the affected application. Successfully exploiting this issue may compromise the affected application and possibly the underlying computer.

Versions prior to Skype 3.8.0.139 are vulnerable.