Lucene search

[email protected]NVD:CVE-2005-1407

HistoryMay 03, 2005 - 4:00 a.m.

CVE-2005-1407

2005-05-0304:00:00

[email protected]

web.nvd.nist.gov

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.5

Confidence

High

EPSS

Percentile

5.1%

JSON

Skype for Windows 1.2.0.0 to 1.2.0.46 allows local users to bypass the identity check for an authorized application, then call arbitrary Skype API functions by modifying or replacing that application.

Affected configurations

Nvd

Node

skype_technologiesskypeMatch1.2.0.0

skype_technologiesskypeMatch1.2.0.37

skype_technologiesskypeMatch1.2.0.41

skype_technologiesskypeMatch1.2.0.46

VendorProductVersionCPE
skype_technologiesskype1.2.0.0cpe:2.3:a:skype_technologies:skype:1.2.0.0:*:*:*:*:*:*:*
skype_technologiesskype1.2.0.37cpe:2.3:a:skype_technologies:skype:1.2.0.37:*:*:*:*:*:*:*
skype_technologiesskype1.2.0.41cpe:2.3:a:skype_technologies:skype:1.2.0.41:*:*:*:*:*:*:*
skype_technologiesskype1.2.0.46cpe:2.3:a:skype_technologies:skype:1.2.0.46:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
skype_technologies	skype	1.2.0.0	cpe:2.3:a:skype_technologies:skype:1.2.0.0:::::::*
skype_technologies	skype	1.2.0.37	cpe:2.3:a:skype_technologies:skype:1.2.0.37:::::::*
skype_technologies	skype	1.2.0.41	cpe:2.3:a:skype_technologies:skype:1.2.0.41:::::::*
skype_technologies	skype	1.2.0.46	cpe:2.3:a:skype_technologies:skype:1.2.0.46:::::::*

References

www.skype.com/security/ssa-2005-01.html

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.5

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2005-1407

cve1 cvelist1