CVE-2004-1778
First published: Wed Dec 22 2004(Updated: )
Skype 0.92.0.12 and 1.0.0.1 for Linux, and possibly other versions, creates the /usr/share/skype/lang directory with world-writable permissions, which allows local users to modify language files and possibly conduct social engineering or other attacks.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Skype | =0.92.0.12 | |
| Microsoft Skype | =1.0.0.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2004-1778?
CVE-2004-1778 is considered a moderate severity vulnerability due to the potential for local users to exploit world-writable permissions.
How do I fix CVE-2004-1778?
To fix CVE-2004-1778, you should change the permissions of the /usr/share/skype/lang directory to restrict write access.
Which versions of Skype are affected by CVE-2004-1778?
CVE-2004-1778 affects Skype versions 0.92.0.12 and 1.0.0.1 for Linux.
What type of attacks can CVE-2004-1778 facilitate?
CVE-2004-1778 can potentially facilitate social engineering attacks or modification of language files by local users.
Is CVE-2004-1778 still relevant today?
While CVE-2004-1778 pertains to older versions of Skype, the underlying issue of world-writable directories remains a relevant security concern.
- agent/references
- agent/type
- agent/first-publish-date
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/weakness
- agent/severity
- agent/author
- agent/description
- agent/event
- agent/source
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/skype
- canonical/microsoft skype
- version/microsoft skype/0.92.0.12
- version/microsoft skype/1.0.0.1