Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9.3
CVSSv2

CVE-2008-2545

Published: 06/06/2008 Updated: 08/08/2017
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
VMScore: 828
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Subscribe to Skype

Vulnerability Summary

Skype 3.6.0.248, and other versions prior to 3.8.0.139, uses a case-sensitive comparison when checking for dangerous extensions, which allows user-assisted remote malicious users to bypass warning dialogs and possibly execute arbitrary code via a file: URI with a dangerous extension that uses a different case.

Vulnerable Product Search on Vulmon Subscribe to Product

skype technologies skype 3.0.0.123

skype technologies skype 3.0.0.137

skype technologies skype 3.0.0.217

skype technologies skype 3.0.0.218

skype technologies skype 3.2.0.115

skype technologies skype 3.2.0.145

skype technologies skype 3.2.0.63

skype technologies skype 3.2.0.82

skype technologies skype 3.5.0.239

skype technologies skype 3.6.0.127

skype technologies skype 3.0.0.198

skype technologies skype 3.0.0.205

skype technologies skype 3.1.0.144

skype technologies skype 3.1.0.147

skype technologies skype 3.2.0.158

skype technologies skype 3.2.0.163

skype technologies skype 3.5.0.178

skype technologies skype 3.5.0.202

skype technologies skype 3.5.0.214

skype technologies skype 3.6.0.244

skype technologies skype 3.6.0.248

skype technologies skype 3.0.0.154

skype technologies skype 3.0.0.190

skype technologies skype 3.1.0.112

skype technologies skype 3.1.0.134

skype technologies skype 3.2.0.148

skype technologies skype 3.2.0.152

skype technologies skype 3.5.0.107

skype technologies skype 3.5.0.158

skype technologies skype 3.6.0.159

skype technologies skype 3.6.0.216

skype technologies skype 3.0.0.106

skype technologies skype 3.0.0.209

skype technologies skype 3.0.0.214

skype technologies skype 3.0.0.216

skype technologies skype 3.1.0.150

skype technologies skype 3.1.0.152

skype technologies skype 3.2.0.175

skype technologies skype 3.2.0.53

skype technologies skype 3.5.0.229

skype technologies skype 3.5.0.234

skype technologies skype 3.8.0.96

skype technologies skype

References

CWE-20http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=711http://www.skype.com/security/skype-sb-2008-003.htmlhttp://www.securityfocus.com/bid/29553http://www.securitytracker.com/id?1020201http://secunia.com/advisories/30547http://www.vupen.com/english/advisories/2008/1749/referenceshttps://exchange.xforce.ibmcloud.com/vulnerabilities/43044https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3661open redirectCVE-2024-25512CVE-2024-33788command injectionSSTICVE-2024-0043CVE-2024-29210CVE-2024-25510
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook