CVE-2008-1805

Name of the Vulnerable Software and Affected Versions Skype versions 3.6.0.248 through 3.8.0.138

Description The issue is caused by an error in handling file: URIs, which can be exploited to bypass security warnings for blacklisted file extensions, for example, by using upper case characters in the file extension. This can lead to the execution of arbitrary code, but it requires a user to be tricked into clicking on a specially crafted file: URI.

Recommendations For Skype versions 3.6.0.248 through 3.8.0.138, update to version 3.8.0.139 or later to resolve the issue.