SkipNavigation
Home | FAQ | Contact | Privacy Policy
US-CERT
American Flag
  Vulnerability
Notes
Database

Search Vulnerability Notes

Vulnerability Notes Help Information


 
 View Notes By
  Name

ID Number

CVE Name

Date Public

Date Published

Date Updated

Severity Metric
 Other Documents
  Technical Alerts

Technical Bulletins

Alerts

Security Tips

Vulnerability Note VU#794236

SkypeFind fails to properly sanitize user-supplied input

Overview

The Skype client does not properly filter user-supplied input that was received from the SkypeFind service. This vulnerability may allow an attacker to execute arbitrary code.

I. Description

Skype is a peer-to-peer application that provides Voice over IP (VoIP) and Instant Messaging services. The Skype client is available for the Microsoft Windows, Apple OS X and Linux operating systems. SkypeFind allows users to review businesses. These reviews are viewable by others.

Skype does not properly filter input that was supplied to the SkypeFind full name field. An attacker may be able to exploit this vulnerability by injecting script into the full name field. When a user viewed the specially crafted SkypeFind profile, the script would be run in the Internet Explorer Local Machine Zone.

II. Impact

As explained in VU#248184, since the user-supplied script runs in the Local Machine Zone a remote unauthenticated attacker may be able to execute arbitrary code.

III. Solution

Skype has addressed this issue by filtering input supplied to the SkypeFind service.

Restrict access to the Skype URI

Blocking the skype: URI handler by using proxy servers or application firewalls may prevent some remote vulnerabilities in Skype from being exploited without user interaction.

Systems Affected

VendorStatusDate NotifiedDate Updated
Skype TechnologiesVulnerable6-Feb-2008

References


http://aviv.raffon.net/2008/01/31/AttackersCanSkypeFindYou.aspx
http://msdn2.microsoft.com/en-us/library/ms537183.aspx#local
http://www.skype.com/help/guides/skypefind.html
http://www.kb.cert.org/vuls/id/248184

Credit

This vulnerability was made public by Aviv Raff.

This document was written by Ryan Giobbi.

Other Information

Date Public:2008-01-31
Date First Published:2008-02-13
Date Last Updated:2008-02-13
CERT Advisory: 
CVE-ID(s):CVE-2008-0582; CVE-2008-0583
NVD-ID(s):CVE-2008-0582 CVE-2008-0583
US-CERT Technical Alerts: 
Metric:0.00
Document Revision:38

If you have feedback, comments, or additional information about this vulnerability, please send us email.
 

 
Page Corner Image
Produced 2008 by US-CERT, a government organization
Disclaimers and copyright information
Get Adobe Reader Get Adobe Reader