Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-1778

Overview

Vulnerability Score 4.6 4.6
CVE Id CVE-2004-1778
Last Modified 05 Sep 2008 04:42:20
Published 22 Dec 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2004-1778

Summary

Skype 0.92.0.12 and 1.0.0.1 for Linux, and possibly other versions, creates the /usr/share/skype/lang directory with world-writable permissions, which allows local users to modify language files and possibly conduct social engineering or other attacks.

Vulnerable Systems


References

XF - skype-lang-insecure-permissions(18644)

BUGTRAQ - 20041222 Permission problem in Skype BETA for linux

BID - 12081

BUGTRAQ - 20050216 Re: Permission problem in Skype BETA for linux


Last Updated: 27 May 2016 10:39:10