CVE-2006-2312

Argument injection vulnerability in the URI handler in Skype 2.0.*.104 and 2.5.*.0 through 2.5.*.78 for Windows allows remote authorized attackers to download arbitrary files via a URL that contains certain command-line switches.
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:skype_technologies:skype:0.98.0.04:*:*:*:*:*:*:*
cpe:2.3:a:skype_technologies:skype:1.0.0.9:*:*:*:*:*:*:*
cpe:2.3:a:skype_technologies:skype:1.0.0.10:*:*:*:*:*:*:*
cpe:2.3:a:skype_technologies:skype:1.0.0.18:*:*:*:*:*:*:*
cpe:2.3:a:skype_technologies:skype:1.0.0.29:*:*:*:*:*:*:*
cpe:2.3:a:skype_technologies:skype:1.0.0.94:*:*:*:*:*:*:*
cpe:2.3:a:skype_technologies:skype:1.0.0.97:*:*:*:*:*:*:*
cpe:2.3:a:skype_technologies:skype:1.0.0.100:*:*:*:*:*:*:*
cpe:2.3:a:skype_technologies:skype:1.1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:skype_technologies:skype:1.4.0.83:*:*:*:*:*:*:*
cpe:2.3:a:skype_technologies:skype:2.0:*:*:*:*:*:*:*
cpe:2.3:a:skype_technologies:skype:2.0.104:*:*:*:*:*:*:*
cpe:2.3:a:skype_technologies:skype:2.5:*:*:*:*:*:*:*
cpe:2.3:a:skype_technologies:skype:2.5.78:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2006-05-19 21:02

Updated : 2018-10-18 16:39


NVD link : CVE-2006-2312

Mitre link : CVE-2006-2312


JSON object : View

Products Affected

skype_technologies

  • skype

microsoft

  • windows
CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')