CVE-2004-1778
Skype 0.92.0.12 and 1.0.0.1 - Incorrect Default Permissions in Language Directory
Title source: llmDescription
Skype 0.92.0.12 and 1.0.0.1 for Linux, and possibly other versions, creates the /usr/share/skype/lang directory with world-writable permissions, which allows local users to modify language files and possibly conduct social engineering or other attacks.
References (4)
Core 4
Core References
Issue Tracking, Mailing List, Third Party Advisory mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=110868557905786&w=2
Issue Tracking, Mailing List, Third Party Advisory mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=110374568916303&w=2
Broken Link, Third Party Advisory, VDB Entry, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/12081
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/18644
Scores
EPSS
0.0039
EPSS Percentile
30.5%
Details
CWE
CWE-276
Status
published
Products (2)
skype/skype
0.92.0.12
skype/skype
1.0.0.1
Published
Dec 22, 2004
Tracked Since
Feb 18, 2026