CVE-2005-1407
First published: Tue May 03 2005(Updated: )
Skype for Windows 1.2.0.0 to 1.2.0.46 allows local users to bypass the identity check for an authorized application, then call arbitrary Skype API functions by modifying or replacing that application.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Skype | =1.2.0.46 | |
| Microsoft Skype | =1.2.0.0 | |
| Microsoft Skype | =1.2.0.41 | |
| Microsoft Skype | =1.2.0.37 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2005-1407?
CVE-2005-1407 is considered a high severity vulnerability due to its potential to allow arbitrary API function calls.
How do I fix CVE-2005-1407?
To fix CVE-2005-1407, you should update Skype to the latest version available beyond 1.2.0.46.
What systems are affected by CVE-2005-1407?
CVE-2005-1407 affects Skype versions 1.2.0.0 through 1.2.0.46.
What types of attacks can CVE-2005-1407 facilitate?
CVE-2005-1407 can facilitate local privilege escalation attacks by allowing unauthorized API function calls.
Is there a workaround for CVE-2005-1407?
There is no specific workaround for CVE-2005-1407; upgrading Skype to a patched version is necessary for mitigation.
- agent/type
- agent/first-publish-date
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/remedy
- agent/severity
- agent/weakness
- agent/references
- agent/last-modified-date
- agent/author
- agent/description
- agent/event
- agent/source
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/skype technologies
- canonical/microsoft skype
- version/microsoft skype/1.2.0.46
- version/microsoft skype/1.2.0.0
- version/microsoft skype/1.2.0.41
- version/microsoft skype/1.2.0.37