Incomplete blacklist vulnerability in Skype 3.6.0.248, and other versions before 3.8.0.139, allows user-assisted remote attackers to bypass warning dialogs and possibly execute arbitrary code via a file: URI that ends in an executable extension that is not covered by the blacklist.
2008-06-06T22:32:00.000
2025-04-09T00:30:58.490
Deferred
CVSSv2: 9.3 (HIGH)
AV:N/AC:M/Au:N/C:C/I:C/A:C
8.6
10.0
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | skype_technologies | skype | ≤ 3.8.0.115 | Yes |
| Application | skype_technologies | skype | 3.0.0.106 | Yes |
| Application | skype_technologies | skype | 3.0.0.123 | Yes |
| Application | skype_technologies | skype | 3.0.0.137 | Yes |
| Application | skype_technologies | skype | 3.0.0.154 | Yes |
| Application | skype_technologies | skype | 3.0.0.190 | Yes |
| Application | skype_technologies | skype | 3.0.0.198 | Yes |
| Application | skype_technologies | skype | 3.0.0.205 | Yes |
| Application | skype_technologies | skype | 3.0.0.209 | Yes |
| Application | skype_technologies | skype | 3.0.0.214 | Yes |
| Application | skype_technologies | skype | 3.0.0.216 | Yes |
| Application | skype_technologies | skype | 3.0.0.217 | Yes |
| Application | skype_technologies | skype | 3.0.0.218 | Yes |
| Application | skype_technologies | skype | 3.1.0.112 | Yes |
| Application | skype_technologies | skype | 3.1.0.134 | Yes |
| Application | skype_technologies | skype | 3.1.0.144 | Yes |
| Application | skype_technologies | skype | 3.1.0.147 | Yes |
| Application | skype_technologies | skype | 3.1.0.150 | Yes |
| Application | skype_technologies | skype | 3.1.0.152 | Yes |
| Application | skype_technologies | skype | 3.2.0.53 | Yes |
| Application | skype_technologies | skype | 3.2.0.63 | Yes |
| Application | skype_technologies | skype | 3.2.0.82 | Yes |
| Application | skype_technologies | skype | 3.2.0.115 | Yes |
| Application | skype_technologies | skype | 3.2.0.145 | Yes |
| Application | skype_technologies | skype | 3.2.0.148 | Yes |
| Application | skype_technologies | skype | 3.2.0.152 | Yes |
| Application | skype_technologies | skype | 3.2.0.158 | Yes |
| Application | skype_technologies | skype | 3.2.0.163 | Yes |
| Application | skype_technologies | skype | 3.2.0.175 | Yes |
| Application | skype_technologies | skype | 3.5.0.107 | Yes |
| Application | skype_technologies | skype | 3.5.0.158 | Yes |
| Application | skype_technologies | skype | 3.5.0.178 | Yes |
| Application | skype_technologies | skype | 3.5.0.202 | Yes |
| Application | skype_technologies | skype | 3.5.0.214 | Yes |
| Application | skype_technologies | skype | 3.5.0.229 | Yes |
| Application | skype_technologies | skype | 3.5.0.234 | Yes |
| Application | skype_technologies | skype | 3.5.0.239 | Yes |
| Application | skype_technologies | skype | 3.6.0.127 | Yes |
| Application | skype_technologies | skype | 3.6.0.159 | Yes |
| Application | skype_technologies | skype | 3.6.0.216 | Yes |
| Application | skype_technologies | skype | 3.6.0.244 | Yes |
| Application | skype_technologies | skype | 3.6.0.248 | Yes |
| Application | skype_technologies | skype | 3.8.0.96 | Yes |