Windows 7 Researchers Finds Dangerous Vulnerability in Skype

JMH

JMH

Senior Member
Joined
Sep 21, 2010
A security consultant has notified Skype of a cross-site scripting flaw that could be used to change the password on someone's account, according to details posted online.
Click to expand...

The consultant, Levent Kayan, based in Berlin, Link Removed - Invalid URL on Wednesday and notified Skype a day later. He said on Friday he hasn't heard a response yet.
The problem lies in a field where a person can input their mobile phone number. Kayan wrote that a malicious user can insert JavaScript into the mobile phone field of their profile.
When one of their contacts comes online, the malicious user's profile will be updated, and the JavaScript will be executed when the other contact logs in. Kayan wrote that the other person's session could be hijacked, and it may be possible to gain control of that person's computer. An attacker could also change the password on someone's account.
Click to expand...
http://www.cio.com/article/686248/Researchers_Finds_Dangerous_Vulnerability_in_Skype
 
You must log in or register to reply here.

Similar threads

News
Inspired by challenges in your workday: latest innovations and updates from Microsoft Edge
Replies
0
Views
1K
News
News
News
Using Azure and Windows 11, IRZ consulting company helps farmers save water and power
Replies
0
Views
1K
News
News
News
Available today: The Windows 11 2022 Update
Replies
0
Views
1K
News
News
News
Announcing Windows 11 Insider Preview Build 22567
Replies
0
Views
2K
News
News
News
Announcing Windows 11 Insider Preview Build 22610
Replies
0
Views
2K
News
News
Back
Top Bottom