Skype cross zone scripting vulnerability details and video
Posted on 18 January 2008.
Skype uses the Internet Explorer web control to render HTML content. The same control is also used to provide the "add video to mood" and "add video to chat" functionality.

This is implemented through a JS/ActiveX interface, which allows scripts to run in the Local Zone security context of IE.

To exploit this, an attacker must first exploit a code injection vulnerability at the partner site. Such a vulnerability has been discovered in the Dailymotion website.

An attacker who constructs the Title of a video in a specific way can cause arbitrary code to be executed on the target's PC.

For the vulnerability to be triggered, the target must find this video in the Dailymotion section of Skype's video gallery browser. Watching the video in a Skype chat or in a mood message is safe, as the Internet Explorer control is not used.

A user of Skype for Windows who navigates to a video with a specially crafted Title from Dailymotion in Skype's video gallery may experience execution of arbitrary code without consent.

All Windows releases, including 3.5.* and 3.6.*, are vulnerable to this attack.
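The injection half of the issue described above is partner-supplied Title text reaching an HTML renderer unencoded. The following is an added example, not Skype's or Dailymotion's code: the feed, field names and function names are constructed for illustration, and it does not address the Local Zone privilege of the embedded control.

```javascript
'use strict';

// Constructed sample of partner-supplied metadata; field names are assumptions.
const sampleFeed = [
  { id: 'v1', title: 'Holiday clip' },
  { id: 'v2', title: '<script>alert(1)</script>' },
  { id: 'v3', title: '" onmouseover="alert(1)' },
];

const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Encode every character that can open a tag, an entity or an attribute value.
function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Weak form: the partner's Title is concatenated into markup as-is.
function renderEntryUnsafe(video) {
  return '<li title="' + video.title + '">' + video.title + '</li>';
}

// Hardened form: the Title is treated as text in the attribute and in the element body.
function renderEntrySafe(video) {
  const t = escapeHtml(video.title);
  return '<li title="' + t + '">' + t + '</li>';
}

// True when the output contains markup other than the template's own
// single <li title="..."> ... </li> pair, i.e. the Title changed the structure.
function introducesMarkup(html) {
  const tags = html.match(/<[^>]*>/g) || [];
  return tags.length !== 2 ||
    !/^<li title="[^"<>]*">$/.test(tags[0]) ||
    tags[1] !== '</li>';
}

// Audit a feed with a given renderer and return the ids whose Title altered the markup.
function auditFeed(feed, render) {
  return feed.filter((v) => introducesMarkup(render(v))).map((v) => v.id);
}

console.log('unsafe renderer flagged:', auditFeed(sampleFeed, renderEntryUnsafe));
console.log('safe renderer flagged:  ', auditFeed(sampleFeed, renderEntrySafe));
```

Encoding at the point of output keeps the Title inert, but any HTML rendered from third-party data should also run in an unprivileged zone so that a missed encoding step does not become code execution.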

The proof of concept has been made public by Aviv Raff and Miroslav Lucinskij. Here's a video demonstration:






COPYRIGHT 1998-2014 BY HELP NET SECURITY.