Lucene search

MitreCVE-2007-5989

HistoryDec 13, 2007 - 9:46 p.m.

CVE-2007-5989

2007-12-1321:46:00

CWE-119

mitre

web.nvd.nist.gov

skype4com

uri handler

remote code execution

cve-2007-5989

nvd

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

7.5

Confidence

Low

EPSS

0.871

Percentile

98.7%

JSON

Unspecified vulnerability in the skype4com URI handler in Skype before 3.6 GOLD allows remote attackers to execute arbitrary code via “short string values” that result in heap corruption.

Affected configurations

Nvd

Node

skype_technologiesskypeMatch0.98.0.04

skype_technologiesskypeMatch1.0.0.9

skype_technologiesskypeMatch1.0.0.10

skype_technologiesskypeMatch1.0.0.18

skype_technologiesskypeMatch1.0.0.29

skype_technologiesskypeMatch1.0.0.94

skype_technologiesskypeMatch1.0.0.97

skype_technologiesskypeMatch1.0.0.100

skype_technologiesskypeMatch1.1.0.0

skype_technologiesskypeMatch1.4.0.83

skype_technologiesskypeMatch1.5.0.79

skype_technologiesskypeMatch1.5.80

skype_technologiesskypeMatch2.0

skype_technologiesskypeMatch2.0.104

skype_technologiesskypeMatch2.0.105

skype_technologiesskypeMatch2.5

skype_technologiesskypeMatch2.5.78

skype_technologiesskypeMatch2.5.79

VendorProductVersionCPE
skype_technologiesskype0.98.0.04cpe:2.3:a:skype_technologies:skype:0.98.0.04:*:*:*:*:*:*:*
skype_technologiesskype1.0.0.9cpe:2.3:a:skype_technologies:skype:1.0.0.9:*:*:*:*:*:*:*
skype_technologiesskype1.0.0.10cpe:2.3:a:skype_technologies:skype:1.0.0.10:*:*:*:*:*:*:*
skype_technologiesskype1.0.0.18cpe:2.3:a:skype_technologies:skype:1.0.0.18:*:*:*:*:*:*:*
skype_technologiesskype1.0.0.29cpe:2.3:a:skype_technologies:skype:1.0.0.29:*:*:*:*:*:*:*
skype_technologiesskype1.0.0.94cpe:2.3:a:skype_technologies:skype:1.0.0.94:*:*:*:*:*:*:*
skype_technologiesskype1.0.0.97cpe:2.3:a:skype_technologies:skype:1.0.0.97:*:*:*:*:*:*:*
skype_technologiesskype1.0.0.100cpe:2.3:a:skype_technologies:skype:1.0.0.100:*:*:*:*:*:*:*
skype_technologiesskype1.1.0.0cpe:2.3:a:skype_technologies:skype:1.1.0.0:*:*:*:*:*:*:*
skype_technologiesskype1.4.0.83cpe:2.3:a:skype_technologies:skype:1.4.0.83:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
skype_technologies	skype	0.98.0.04	cpe:2.3:a:skype_technologies:skype:0.98.0.04:::::::*
skype_technologies	skype	1.0.0.9	cpe:2.3:a:skype_technologies:skype:1.0.0.9:::::::*
skype_technologies	skype	1.0.0.10	cpe:2.3:a:skype_technologies:skype:1.0.0.10:::::::*
skype_technologies	skype	1.0.0.18	cpe:2.3:a:skype_technologies:skype:1.0.0.18:::::::*
skype_technologies	skype	1.0.0.29	cpe:2.3:a:skype_technologies:skype:1.0.0.29:::::::*
skype_technologies	skype	1.0.0.94	cpe:2.3:a:skype_technologies:skype:1.0.0.94:::::::*
skype_technologies	skype	1.0.0.97	cpe:2.3:a:skype_technologies:skype:1.0.0.97:::::::*
skype_technologies	skype	1.0.0.100	cpe:2.3:a:skype_technologies:skype:1.0.0.100:::::::*
skype_technologies	skype	1.1.0.0	cpe:2.3:a:skype_technologies:skype:1.1.0.0:::::::*
skype_technologies	skype	1.4.0.83	cpe:2.3:a:skype_technologies:skype:1.4.0.83:::::::*