[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] Skype (<= 5.5.0.113, Windows) html/js code injection vulnerability

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: [Full-disclosure] Skype (<= 5.5.0.113, Windows) html/js code injection vulnerability
From: Levent Kayan <levonkayan@xxxxxxx>
Date: Wed, 17 Aug 2011 22:02:04 +0200

hello,

http://www.noptrix.net/advisories/skype_inject.txt

hint: applet/object tags + extern .js files. :)


cheers,
noptrix

-- 
Name: Levent 'noptrix' Kayan
E-Mail: noptrix@xxxxxxxxxxxxxxx
GPG key: 0x014652c0
Key fingerprint: ABEF 4B4B 5D93 32B8 D423 A623 823D 4162 0146 52C0 
Homepage: http://www.noptrix.net/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Prev by Date: [Full-disclosure] [SECURITY] [DSA 2296-1] iceweasel security update
Next by Date: [Full-disclosure] FYI - Pauldotcom.com interview
Previous by thread: [Full-disclosure] [SECURITY] [DSA 2296-1] iceweasel security update
Next by thread: [Full-disclosure] FYI - Pauldotcom.com interview
Index(es):
- Date
- Thread