Cross-zone scripting vulnerability in the Internet Explorer web control in Skype 3.1 through 3.6.0.244 on Windows allows remote attackers to inject arbitrary web script or HTML in the Local Machine Zone via the Full Name field of a reviewer of a business item entry, accessible through (1) the SkypeFind dialog and (2) a skype:?skypefind URI for the skype: URI handler.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2008-02-05T02:00:00
Updated: 2018-10-15T20:57:01
Reserved: 2008-02-04T00:00:00
Link: CVE-2008-0582
JSON object: View
NVD Information
Status : Modified
Published: 2008-02-05T03:00:00.000
Modified: 2018-10-15T22:01:19.567
Link: CVE-2008-0582
JSON object: View
Redhat Information
No data.
CWE