Vulnerabilities > CVE-2005-1407 - Local Security vulnerability in Skype

CVSS 4.6 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

local

low complexity

skype-technologies

NVD

Published: 2005-05-03

Updated: 2008-09-05

Summary

Skype for Windows 1.2.0.0 to 1.2.0.46 allows local users to bypass the identity check for an authorized application, then call arbitrary Skype API functions by modifying or replacing that application.

Vulnerable Configurations

Part	Description	Count
Application	Skype_Technologies Skype Technologies Skype 1.2.0.0 Skype Technologies Skype 1.2.0.37 Skype Technologies Skype 1.2.0.41 Skype Technologies Skype 1.2.0.46	4

References

http://www.skype.com/security/ssa-2005-01.html