Skype File URI Security Bypass Code Execution Vulnerability
June 5, 2008 by Ismael Briones


Idefense has published my advisory about a potential security vulnerability in Skype. Explotation of this issue allows an attacker to execute arbitrary code.
To exploit it, an attacker needs to construct and send to the victim (as a skype chat message) a malicious file: URI. There are two flaws with this advisory. Once of them is […]

Read More >>


Posted in Vulnerabilities | 0 comments