CVE-2007-5989

Sažetak

Unspecified vulnerability in the skype4com URI handler in Skype before 3.6 GOLD allows remote attackers to execute arbitrary code via "short string values" that result in heap corruption.

Reference

http://osvdb.org/39170
http://secunia.com/advisories/27934
http://securityreason.com/securityalert/3440
http://securitytracker.com/id?1019056
http://www.securityfocus.com/archive/1/484703/100/0/threaded
http://www.securityfocus.com/bid/26748
http://www.vupen.com/english/advisories/2007/4110
http://www.zerodayinitiative.com/advisories/ZDI-07-070.html

CVSS

Base:	6.8
Impact:	6.4
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:M/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

15-10-2018 - 21:48

Objavljeno

13-12-2007 - 21:46