Vulnerabilities > Skype Technologies > Skype > 3.1.0.112
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-06-06 | CVE-2008-2545 | Improper Input Validation vulnerability in Skype Technologies Skype Skype 3.6.0.248, and other versions before 3.8.0.139, uses a case-sensitive comparison when checking for dangerous extensions, which allows user-assisted remote attackers to bypass warning dialogs and possibly execute arbitrary code via a file: URI with a dangerous extension that uses a different case. | 9.3 |
2008-06-06 | CVE-2008-1805 | Improper Input Validation vulnerability in Skype Technologies Skype Incomplete blacklist vulnerability in Skype 3.6.0.248, and other versions before 3.8.0.139, allows user-assisted remote attackers to bypass warning dialogs and possibly execute arbitrary code via a file: URI that ends in an executable extension that is not covered by the blacklist. | 9.3 |