VYPR
← All advisories
Unrated severityNVD Advisory· Published Jun 6, 2008· Updated Apr 23, 2026

CVE-2008-1805

CVE-2008-1805

Description

Incomplete blacklist vulnerability in Skype 3.6.0.248, and other versions before 3.8.0.139, allows user-assisted remote attackers to bypass warning dialogs and possibly execute arbitrary code via a file: URI that ends in an executable extension that is not covered by the blacklist.

Affected products

43
  • Skype Technologies/Skype43 versions
    cpe:2.3:a:skype_technologies:skype:*:*:*:*:*:*:*:*+ 42 more
    • cpe:2.3:a:skype_technologies:skype:*:*:*:*:*:*:*:*range: <=3.8.0.115
    • cpe:2.3:a:skype_technologies:skype:3.0.0.106:beta:*:*:*:*:*:*
    • cpe:2.3:a:skype_technologies:skype:3.0.0.123:beta:*:*:*:*:*:*
    • cpe:2.3:a:skype_technologies:skype:3.0.0.137:beta:*:*:*:*:*:*
    • cpe:2.3:a:skype_technologies:skype:3.0.0.154:beta:*:*:*:*:*:*
    • cpe:2.3:a:skype_technologies:skype:3.0.0.190:*:*:*:*:*:*:*
    • cpe:2.3:a:skype_technologies:skype:3.0.0.198:*:*:*:*:*:*:*
    • cpe:2.3:a:skype_technologies:skype:3.1.0.112:beta:*:*:*:*:*:*
    • cpe:2.3:a:skype_technologies:skype:3.1.0.134:beta:*:*:*:*:*:*
    • cpe:2.3:a:skype_technologies:skype:3.1.0.144:*:*:*:*:*:*:*
    • cpe:2.3:a:skype_technologies:skype:3.1.0.147:*:*:*:*:*:*:*
    • cpe:2.3:a:skype_technologies:skype:3.1.0.150:*:*:*:*:*:*:*
    • cpe:2.3:a:skype_technologies:skype:3.1.0.152:*:*:*:*:*:*:*
    • cpe:2.3:a:skype_technologies:skype:3.2.0.53:beta:*:*:*:*:*:*
    • cpe:2.3:a:skype_technologies:skype:3.2.0.63:beta:*:*:*:*:*:*
    • cpe:2.3:a:skype_technologies:skype:3.2.0.82:beta:*:*:*:*:*:*
    • cpe:2.3:a:skype_technologies:skype:3.2.0.115:beta:*:*:*:*:*:*
    • cpe:2.3:a:skype_technologies:skype:3.2.0.145:*:*:*:*:*:*:*
    • cpe:2.3:a:skype_technologies:skype:3.2.0.148:*:*:*:*:*:*:*
    • cpe:2.3:a:skype_technologies:skype:3.2.0.152:*:*:*:*:*:*:*
    • cpe:2.3:a:skype_technologies:skype:3.2.0.158:*:*:*:*:*:*:*
    • cpe:2.3:a:skype_technologies:skype:3.2.0.163:*:*:*:*:*:*:*
    • cpe:2.3:a:skype_technologies:skype:3.2.0.175:*:*:*:*:*:*:*
    • cpe:2.3:a:skype_technologies:skype:3.5.0.107:beta:*:*:*:*:*:*
    • cpe:2.3:a:skype_technologies:skype:3.5.0.158:beta:*:*:*:*:*:*
    • cpe:2.3:a:skype_technologies:skype:3.5.0.178:beta:*:*:*:*:*:*
    • cpe:2.3:a:skype_technologies:skype:3.5.0.202:*:*:*:*:*:*:*
    • cpe:2.3:a:skype_technologies:skype:3.5.0.214:*:*:*:*:*:*:*
    • cpe:2.3:a:skype_technologies:skype:3.5.0.229:*:*:*:*:*:*:*
    • cpe:2.3:a:skype_technologies:skype:3.5.0.234:*:*:*:*:*:*:*
    • cpe:2.3:a:skype_technologies:skype:3.5.0.239:*:*:*:*:*:*:*
    • cpe:2.3:a:skype_technologies:skype:3.6.0.127:beta:*:*:*:*:*:*
    • cpe:2.3:a:skype_technologies:skype:3.6.0.159:beta:*:*:*:*:*:*
    • cpe:2.3:a:skype_technologies:skype:3.6.0.216:*:*:*:*:*:*:*
    • cpe:2.3:a:skype_technologies:skype:3.6.0.244:*:*:*:*:*:*:*
    • cpe:2.3:a:skype_technologies:skype:3.6.0.248:*:*:*:*:*:*:*
    • cpe:2.3:a:skype_technologies:skype:3.8.0.96:beta:*:*:*:*:*:*
    • cpe:2.3:a:skype_technologies:skype:3.0.0.205:*:*:*:*:*:*:*
    • cpe:2.3:a:skype_technologies:skype:3.0.0.209:*:*:*:*:*:*:*
    • cpe:2.3:a:skype_technologies:skype:3.0.0.214:*:*:*:*:*:*:*
    • cpe:2.3:a:skype_technologies:skype:3.0.0.216:*:*:*:*:*:*:*
    • cpe:2.3:a:skype_technologies:skype:3.0.0.217:*:*:*:*:*:*:*
    • cpe:2.3:a:skype_technologies:skype:3.0.0.218:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

6

News mentions

0

No linked articles in our index yet.