RSS   Vulnerabilities for 'Skype'   RSS

2021-01-11
 
CVE-2020-24003

NVD-CWE-noinfo
 
 
Microsoft Skype through 8.59.0.77 on macOS has the disable-library-validation entitlement, which allows a local process (with the user's privileges) to obtain unprompted microphone and camera access by loading a crafted library and thereby inheriting Skype Client's microphone and camera access.

 
2019-05-16
 
CVE-2019-0932

CWE-200
 
 
An information disclosure vulnerability exists in Skype for Android, aka 'Skype for Android Information Disclosure Vulnerability'.

 
2019-01-08
 
CVE-2019-0622

CWE-264
 
 
An elevation of privilege vulnerability exists when Skype for Andriod fails to properly handle specific authentication requests, aka "Skype for Android Elevation of Privilege Vulnerability." This affects Skype 8.35.

 
2018-06-26
 
CVE-2018-0595

CWE-426
 
 
Untrusted search path vulnerability in the installer of Skype for Windows allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

 
 
CVE-2018-0594

CWE-426
 
 
Untrusted search path vulnerability in Skype for Windows allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

 
2017-06-26
 
CVE-2017-9948

 
 
A stack buffer overflow vulnerability has been discovered in Microsoft Skype 7.2, 7.35, and 7.36 before 7.37, involving MSFTEDIT.DLL mishandling of remote RDP clipboard content within the message box.

 
2017-03-23
 
CVE-2017-6517

CWE-427
 
 
Microsoft Skype 7.16.0.102 contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on the targeted system. This vulnerability exists due to the way .dll files are loaded by Skype. It allows an attacker to load a .dll of the attacker's choosing that could execute arbitrary code without the user's knowledge.The specific flaw exists within the handling of DLL (api-ms-win-core-winrt-string-l1-1-0.dll) loading by the Skype.exe process.

 
2017-01-23
 
CVE-2016-5720

 
 
Multiple untrusted search path vulnerabilities in Microsoft Skype allow local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) msi.dll, (2) dpapi.dll, or (3) cryptui.dll that is located in the current working directory.

 

 >>> Vendor: Microsoft 622 Products
Exchange server
Internet information server
Site server
Frontpage
Personal web server
Windows 95
Windows nt
Winsock
IE
Windows 2000
WINS
Netmeeting
WORD
Windows 98
Access
Backoffice
Backoffice resource kit
Office
Outlook
Project
Visual basic
Terminal server
All windows
Excel
Hotmail
Java virtual machine
Commercial internet system
Site server commerce
Windows 98se
Outlook express
Windows explorer
Sql server
Data access components
Index server
Sna server
Zero administration kit
Powerpoint
Msn setup bulletin board services
Visual interdev
Webtv
Office converter pack
Systems management server
Virtual machine
Visual studio
Clip art
Greetings
Home publishing
Data engine
Windows media services
Windows messaging
Windows media rights manager
Proxy server
JET
Active movie control
Photodraw 2000
Works
Money
Network monitor
Windows media player
Indexing service
Windows me
MSDE
Windows xp
Windows script host
PLUS
Windows ce
Isa server
Frontpage server extensions
Services
Windows 2000 terminal services
Interix
Commerce server
Xml core services
Entourage
Msn chat control
Msn messenger
Msn messenger service for exchange
.net framework
Windows 98 plus pack
Microsoft data access components
Visual foxpro
Metadirectory services
Content management server
Tsac activex control
Office web components
Windows help
Ie for macintosh
.net windows server
Directx files viewer control
File transfer manager
Baseline security analyzer
Foundation class library
Windows 2003 server
Network firmware
Windows-nt
Biztalk server
Directx
Visio
Wordperfect converter
Asp.net
See all Products for Vendor Microsoft

Copyright 2024, cxsecurity.com

 

Back to Top