Skype Technologies Skype networking routine heap overflow vulnerability
March 17, Security Focus — Skype Technologies Skype networking routine heap overflow vulnerability. Skype is prone to a heap overflow vulnerability in its networking routines. Analysis: An attacker who sends a stream of specifically crafted network traffic to a Skype client network can cause the client to overwrite part of the heap, including the heap integrity control data. Since the attacker cannot control the address where the data is written, the most likely effect will be that the Skype will abort execution due to an internal error, although other unpredictable behavior is possible. Such a crash will lead to a loss of availability of the Skype application until it is restarted by the user. A complete list of vulnerable products is available in the source advisory. Solution: A fix for Skype for Pocket PC is not currently available. For further solution details: http://www.securityfocus.com/bid/15192/solution Source: http://www.securityfocus.com/bid/15192/references
Technorati Tags
VoIP
IP Telephony
Voice Over IP
VoIP security
Skype
Email This!
Digg it!
Sphere it!
Del.icio.us
Reddit!
Newsvine