Incorrect Default Permissions
CVE-2004-1778
Summary
Skype 0.92.0.12 and 1.0.0.1 for Linux, and possibly other versions, creates the /usr/share/skype/lang directory with world-writable permissions, which allows local users to modify language files and possibly conduct social engineering or other attacks.
- LOW
- LOCAL
- NONE
- PARTIAL
- PARTIAL
- PARTIAL
CWE-276 - Incorrect Default Permissions
During installation, installed file permissions are set to allow anyone to modify those files.
References
Advisory Timeline
- Published
