{"vuid":"VU#668193","idnumber":"668193","name":"Skype VCARD handling routine contains a buffer overflow","keywords":["Skype","buffer overflow","arbitrary code execution","VCARD"],"overview":"A buffer overflow in the way Skype handles imported VCARDs may allow a remote attacker to execute code on a vulnerable system.","clean_desc":"Skype software provides telephone service over IP networks. Skype fails to properly validate imported VCARDs, allowing a buffer overflow to occur. The buffer overflow may stem from an input validation error in the Delphi routine SysUtils.WideFmtStr(...). For more information, please see Skype Security Bulletin SKYPE-SB/2005-002 and Delphi Bug Report 4744.","impact":"A remote attacker may be able to execute arbitrary code if they can persuade a user with a vulnerable Skype installation to import a specially crafted VCARD with a Skype-specific URI.","resolution":"Upgrade Skype\nPlease see Skype Security Bulletin SKYPE-SB/2005-002 for a list of fixed Skype versions.","workarounds":"Do not import VCARDs from untrusted sources\nExploitation occurs by importing a specially crafted VCARD. By only accessing VCARDs from trusted or known sources, the chances of exploitation are reduced.","sysaffected":"","thanks":"This vulnerability was reported by SKY-CERT. 
SKY-CERT credits Mark Rowe of Pentest Limited with providing information regarding this issue.","author":"This document was written by Jeff Gennari.","public":["http://secunia.com/advisories/17305/","http://www.skype.com/security/skype-sb-2005-02.html","http://qc.borland.com/wc/qcmain.aspx?d=4744"],"cveids":["CVE-2005-3265"],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2005-10-25T18:34:02Z","publicdate":"2005-10-25T00:00:00Z","datefirstpublished":"2005-10-26T15:19:19Z","dateupdated":"2005-12-19T14:34:46Z","revision":11,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"15","cam_exploitation":"0","cam_internetinfrastructure":"5","cam_population":"15","cam_impact":"18","cam_easeofexploitation":"10","cam_attackeraccessrequired":"10","cam_scorecurrent":"10.125","cam_scorecurrentwidelyknown":"12.65625","cam_scorecurrentwidelyknownexploited":"22.78125","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":10.125,"vulnote":null}