Tuesday, October 25, 2005

Skype Multiple URI and VCARD Handling Buffer Overflow Vulnerabilities

Via FrSIRT.

Advisory ID : FrSIRT/ADV-2005-2197
CVE ID : CVE-2005-3265 - CVE-2005-3267
Rated as : Critical
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2005-10-25

* Technical Description *

Multiple vulnerabilities were identified in Skype, which could be exploited by remote attackers to execute arbitrary commands or cause a denial of service.

The first issue is due to buffer overflow errors when processing a specially crafted "callto://" or "skype://" URL, which could be exploited by attackers to execute arbitrary commands.

The second vulnerability is due to an error when importing non-standard VCARD files, which could be exploited by attackers to compromise a vulnerable system by convincing a user to import a malicious VCARD.

The third flaw is due to an unspecified error in a specific networking routine, which could be exploited by attackers to execute arbitrary commands or cause a denial of service.

* Affected Products *

Skype for Windows Release 1.4.*.83 and prior
Skype for Mac OS X Release 1.3.*.16 and prior
Skype for Linux Release 1.2.*.17 and prior
Skype for Pocket PC Release 1.1.*.6 and prior

* Solution *

Apply patches :
http://www.skype.com/download/

* References *

http://www.frsirt.com/english/advisories/2005/2197
http://www.skype.com/security/skype-sb-2005-02.html
http://www.skype.com/security/skype-sb-2005-03.html
http://www.pentest.co.uk/documents/ptl-2005-01.html



0 Comments:

Post a Comment

<< Home