Skype Technologies Skype 1.5 - NSRunAlertPanel Remote Format String

2006-09-26T00:00:00
ID EXPLOITPACK:7E20F8F1BACCB22BEA1A4401D8B67079
Type exploitpack
Reporter Tom Ferris
Modified 2006-09-26T00:00:00

Description

Skype Technologies Skype 1.5 - NSRunAlertPanel Remote Format String

                                        
                                            source: https://www.securityfocus.com/bid/20218/info

Skype is prone to a remote format-string vulnerability because the application fails to properly sanitize user-supplied input before using it in the format-specification argument of a formatted-printing function.

Exploiting this issue allows remote attackers to execute arbitrary machine code in the context of the affected application, potentially facilitating the remote compromise of affected computers.

Skype 1.5.0.79 and prior versions for Apple Mac OS X are vulnerable to this issue.

IFRAME SRC=skype:%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n%n