Argument injection vulnerability in the URI handler in Skype 2.0.*.104 and 2.5.*.0 through 2.5.*.78 for Windows allows remote authorized attackers to download arbitrary files via a URL that contains certain command-line switches.
References
Configurations
Configuration 1 (hide)
AND |
|
History
No history.
Information
Published : 2006-05-19 21:02
Updated : 2025-04-03 01:03
NVD link : CVE-2006-2312
Mitre link : CVE-2006-2312
CVE.ORG link : CVE-2006-2312
JSON object : View
Products Affected
skype
- skype
microsoft
- windows
CWE
CWE-88
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')