Skype Cross Zone Scripting Vulnerability Fix Released

Source: snapvoip.blogspot.com

Skype has issued a fix for the recent Skype flaw, discovered by Aviv Raff. The stems from the fact that Skype uses Internet Explorer’s Web control to render internal and external HTML pages.

SKYPE-SB/2008-001: Skype Cross Zone Scripting Vulnerability
Bulletin title: Skype Cross Zone Scripting Vulnerability
Bulletin ID: SKYPE-SB/2008-001
Bulletin status: FINAL
Date of announcement: 2008-02-05 14:00:00 +0000
Products affected: Skype for Windows
Vulnerability type: Code injection
CVE references:
Risk assessment: HIGH
CVSS base score: 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)

Share and Enjoy: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • del.icio.us
  • blinkbits
  • BlinkList
  • Blue Dot
  • Fark
  • Fleck
  • Furl
  • Netscape
  • NewsVine
  • Reddit
  • Shadows
  • Slashdot
  • SphereIt
  • Spurl
  • StumbleUpon
  • Technorati
  • YahooMyWeb
Published on February 10th, 2008 under ,

Similar posts:






Last 20 posts tagged "skype Vulnerability"

Secure Skype IM With FaceTime Communications’ Greynet Enterprise Manager

Source: snapvoip.blogspot.com

BELMONT, CALIFORNIA - FaceTime Communications, the leading provider of solutions that control Internet and unified communications (UC) in [...] …

Published on March 27th, 2008 under ,

Skype Cross Zone Scripting Vulnerability Fix Released

Source: snapvoip.blogspot.com

Skype has issued a fix for the recent Skype flaw, discovered by Aviv Raff. The stems from the fact that Skype uses Internet Explorer’s Web control to render internal and external HTML pages. …

Published on February 10th, 2008 under ,

Member of "Hype Media! Network"