CVSS: 10.0EPSS: 4%CPEs: 18EXPL: 1CVE-2005-3267
https://notcve.org/view.php?id=CVE-2005-3267
Integer overflow in Skype client before 1.4.x.84 on Windows, before 1.3.x.17 on Mac OS, before 1.2.x.18 on Linux, and 1.1.x.6 and earlier allows remote attackers to cause a denial of service (crash) via crafted network data with a large Object Counter value, which leads to a resultant heap-based buffer overflow. • http://marc.info/?l=bugtraq&m=113026202728568&w=2 http://secunia.com/advisories/17305 http://securityreason.com/securityalert/115 http://skype.com/security/skype-sb-2005-03.html http://www.kb.cert.org/vuls/id/905177 http://www.osvdb.org/20306 http://www.securityfocus.com/bid/15192 http://www.vupen.com/english/advisories/2005/2197 https://exchange.xforce.ibmcloud.com/vulnerabilities/22850 • CWE-189: Numeric Errors •
CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 1CVE-2005-2300
https://notcve.org/view.php?id=CVE-2005-2300
Skype 1.1.0.20 and earlier allows local users to overwrite arbitrary files via a symlink attack on the skype_profile.jpg temporary file. Skype 1.1.0.20 y anteriores permite que usuarios locales sobreescriban ficheros arbitrarios mediante un ataque de enlaces simbólicos en el fichero temporal "skype_profile.jpg". • http://marc.info/?l=bugtraq&m=112156036013818&w=2 http://secunia.com/advisories/16105 http://www.zone-h.org/advisories/read/id=7808 •
CVSS: 4.6EPSS: 0%CPEs: 4EXPL: 0CVE-2005-1407
https://notcve.org/view.php?id=CVE-2005-1407
Skype for Windows 1.2.0.0 to 1.2.0.46 allows local users to bypass the identity check for an authorized application, then call arbitrary Skype API functions by modifying or replacing that application. • http://www.skype.com/security/ssa-2005-01.html •
CVSS: 5.0EPSS: 1%CPEs: 2EXPL: 2CVE-2004-1777
https://notcve.org/view.php?id=CVE-2004-1777
A "range check error" in Skype for Windows before 0.98.0.28 allows local and remote attackers to cause a denial of service (application crash) via long command line arguments or a long callto:// URL, a different vulnerability than CVE-2004-1114. • http://lists.virus.org/bugtraq-0406/msg00221.html http://securitytracker.com/id?1010490 http://www.osvdb.org/11860 http://www.skype.com/security/ssa-2004-01.html • CWE-20: Improper Input Validation •
CVSS: 4.6EPSS: 0%CPEs: 2EXPL: 0CVE-2004-1778
https://notcve.org/view.php?id=CVE-2004-1778
Skype 0.92.0.12 and 1.0.0.1 for Linux, and possibly other versions, creates the /usr/share/skype/lang directory with world-writable permissions, which allows local users to modify language files and possibly conduct social engineering or other attacks. • http://marc.info/?l=bugtraq&m=110374568916303&w=2 http://marc.info/?l=bugtraq&m=110868557905786&w=2 http://www.securityfocus.com/bid/12081 https://exchange.xforce.ibmcloud.com/vulnerabilities/18644 • CWE-276: Incorrect Default Permissions •