Signature Detail

HTTP: Skype URI Handler Heap Corruption Exploit

This signature detects attempts to exploit a known vulnerability in Skype's Skype4Com URI handler. An attacker can create a malicious Web site containing Web pages with dangerous SWkype URl's, which if accessed by a victim, allows the attacker to gain control of the victim's client browser, Skype Technologies' clients prior to 3.6 Gold are vulnerable.

Extended Description

Skype is prone to a remote heap-based memory-corruption vulnerability because of a flaw in the application's URI handler. Successfully exploiting this issue allows remote attackers to execute arbitrary machine code in the context of the affected application, facilitating the compromise of affected computers. Versions prior to Skype 3.6.0.216 for Windows are affected. It is currently unknown if other platforms are affected.

Affected Products

• Skype Technologies Skype 0.98.0.04
• Skype Technologies Skype 1.0.0 .0.10
• Skype Technologies Skype 1.0.0 .0.100
• Skype Technologies Skype 1.0.0 .0.18
• Skype Technologies Skype 1.0.0 .0.29
• Skype Technologies Skype 1.0.0 .0.9
• Skype Technologies Skype 1.0.0 .0.94
• Skype Technologies Skype 1.0.0 .0.97
• Skype Technologies Skype 1.1.0 .0.0
• Skype Technologies Skype 1.4.0 .0.83
• Skype Technologies Skype 1.5.0 .79
• Skype Technologies Skype 1.5.0 80
• Skype Technologies Skype 2.0
• Skype Technologies Skype 2.0.0.104
• Skype Technologies Skype 2.0.0.105
• Skype Technologies Skype 2.5
• Skype Technologies Skype 2.5.0.78
• Skype Technologies Skype 2.5.0.79
• Skype Technologies Skype

References

• BugTraq: 26748
• CVE: CVE-2007-5989
• URL: http://securitytracker.com/alerts/2007/Dec/1019056.html