Wednesday, October 04, 2006

Secunia Warns of 'Highly Critical' Skype Vulnerability

Dan Kaplan writes on SC Magazine Online:

Updating to the latest version of Skype for Mac OS X solves a "highly critical" vulnerability that could lead to the remote execution of arbitrary code, vulnerability monitoring firm Secunia said Monday in an advisory.

The flaw, reported by security researcher Tom Ferris, is caused by a malformed URL in the free voice over IP (VoIP) service that, if followed, could lead to a user's system being compromised.

According to a Skype bulletin, "this behavior is due to incorrect handling of arguments passed to a function in the Skype URI (uniform resource identifier) handler than initializes an alert panel."

More here.

posted by Fergie @ 10/04/2006 10:07:00 AM

0 Comments:

Post a Comment

<< Home