SSA-2004-01: CALLTO HANDLING RANGE CHECK ERROR
Skype Security Advisory, June 15 2004
Overview
Early versions of Skype for Windows contain a range check error vulnerability that could possibly allow a remote attacker to crash a Skype instance.
Systems Affected
Microsoft Windows systems running Skype for Windows versions earlier than 0.98.0.28.
I. Description
A range check error exists in the way Skype parses command-line arguments. If Skype is executed with a command line longer than approximately 4096 characters, Skype reports an Access Violation and terminates.
The vulnerability cannot be used for malicious code execution.
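The kind of range check the Description refers to, shown as an added C example that is not Skype's code. The advisory does not publish the affected source, so the parser, its names, and the fixed 4096-byte limit are assumptions based on the figure above.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define CMDLINE_MAX 4096   /* assumed limit, taken from the ~4096 figure in the advisory */
#define SCHEME "callto:"

enum parse_result { PARSE_OK = 0, PARSE_TOO_LONG, PARSE_BAD_SCHEME, PARSE_BAD_ARG };

/* Hypothetical handler: copy the target of a callto: argument into out.
 * Every length is checked before any byte is written. */
enum parse_result parse_callto(const char *arg, char *out, size_t out_cap)
{
    if (arg == NULL || out == NULL || out_cap == 0)
        return PARSE_BAD_ARG;
    out[0] = '\0';

    /* Bounded scan: never read more than CMDLINE_MAX bytes looking for NUL. */
    size_t len = 0;
    while (len < CMDLINE_MAX && arg[len] != '\0')
        len++;
    if (len == CMDLINE_MAX)
        return PARSE_TOO_LONG;      /* reject instead of truncating or overrunning */

    size_t scheme_len = sizeof(SCHEME) - 1;
    if (len < scheme_len || strncmp(arg, SCHEME, scheme_len) != 0)
        return PARSE_BAD_SCHEME;

    size_t target_len = len - scheme_len;
    if (target_len == 0)
        return PARSE_BAD_ARG;
    if (target_len >= out_cap)
        return PARSE_TOO_LONG;      /* range check against the destination as well */

    memcpy(out, arg + scheme_len, target_len);
    out[target_len] = '\0';
    return PARSE_OK;
}

int main(void)
{
    char out[64];
    /* Constructed sample inputs, not taken from the advisory. */
    printf("%d\n", parse_callto("callto:example_user", out, sizeof out));
    printf("%d\n", parse_callto("mailto:example_user", out, sizeof out));
    return 0;
}
```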
II. Impact
By inducing a user to click on a specially crafted callto: URL on a web page or in an HTML e-mail message, an attacker could cause Skype to crash.
III. Solution
Upgrade to Skype for Windows version 0.98.0.28 or higher.
http://www.skype.com/download/
IV. Credit
Skype thanks Hillel Himovich for discovering and reporting this issue.
Contact
The security of users is Skype's highest priority. You can contact Skype Product Security Incident Response Team (PSIRT) by e-mailing security@skype.net. Past advisories and the Skype PSIRT PGP key are available at http://www.skype.com/security/.