Intrusion Prevention

Skype.Skype4com.URI.Handler.Memory.Corruption

Description

This indicates an attempt to exploit a boundry error in Skype.
Skype is vulnerable to a boundary error in Skype4COM.dll, in the "skype4com" URI handler. The error occurs when processing short strings through a web browser. As a result an attacker can execute arbitrary code on a vulnerable system.

Affected Products

Skype versions older than 3.6.0.216

Impact

System Compromise: remote attackers can gain control of vulnerable systems.

Recommended Actions

Update to version 3.6.0.216 or later.

CVE References

CVE-2007-5989