Skype cross zone scripting vulnerability details and video
Posted on 18 January 2008.
Bookmark and Share
Skype uses Internet Explorer web control to render HTML content. This is used also for providing "add video to mood" and "add video to chat" functionality.

This is realized over JS/ActiveX interface which allows scripts to be run in Local Zone security context of IE.

In order to exploit this an attacker must exploit code injection vulnerability at the partner site. Such vulnerability has been discovered in Dailymotion website.

An attacker who constructs a Title of the video in a specific way can cause arbitrary code to be executed on targets PC.

For the vulnerability to be triggered, the target must find this video in Skype video gallery browser Dailymotion's section. Watching the video in a Skype chat or in a mood message is safe, as Internet Explorer control is not used.

A user of Skype for Windows who navigates to the video with specially crafted Title from Dailymotion in Skype's video gallery may experience execution of arbitrary code without consent.

All Windows releases including 3.5.* and 3.6.* are vulnerable to this attack.

The proof of concept has been made public by Aviv Raff and Miroslav Lucinskij. Here's a video demonstration:






Spotlight

Security pros and government failing to collaborate

Posted on 17 April 2014.  |  More effective collaboration between government and the information security industry is crucial to protecting organizations from future cyber threats. More work needs to be done to strengthen government’s position as a source of information on potential threats.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Thu, Apr 17th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //