Lucene search

[email protected]CVE-2006-5084

HistorySep 29, 2006 - 12:07 a.m.

CVE-2006-5084

2006-09-2900:07:00

CWE-20

[email protected]

web.nvd.nist.gov

ebay

skype

mac

vulnerability

remote attackers

denial of service

code execution

malformed url

nvd

8 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.234 Low

EPSS

Percentile

96.5%

JSON

Format string vulnerability in the NSRunAlertPanel function in eBay Skype for Mac 1.5.*.79 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a malformed Skype URL, as originally reported to involve a null dereference.

CPENameOperatorVersion
skype_technologies:skypeskype technologies skypele1.5.0.79

CPE	Name	Operator	Version
skype_technologies:skype	skype technologies skype	le	1.5.0.79

References

secunia.com/advisories/22185/

security-protocols.com/vids/skype_osx_0day.htm

securitytracker.com/id?1016966

www.kb.cert.org/vuls/id/202604

www.security-protocols.com/modules.php?name=News&file=article&sid=3259

www.securityfocus.com/bid/20218

www.skype.com/security/skype-sb-2006-002.html

www.vupen.com/english/advisories/2006/3895

8 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.234 Low

EPSS

Percentile

96.5%

JSON

Related for CVE-2006-5084

cert1