Skype.NSRunAlertPanel.Format.String

description-logoDescription

A format-string vulnerability is found in the NSRunAlertPanel function in eBay Skype for Mac 1.5.*.79 and earlier. It allows remote attackers to execute arbitrary machine code in the context of the affected application, potentially facilitating the remote compromise of affected computers.

affected-products-logoAffected Products

System compromise.

Impact logoImpact

Skype 1.5.0.79 and prior versions for Apple Mac OS X.

recomended-action-logoRecommended Actions

Please update Skype for Mac:
Skype 1.5, release 1.5.*.80 or later
http://www.skype.com

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)