World-writable permissions in Skype language directory allows for unauthorized modification and potential social engineering attacks

World-writable permissions in Skype language directory allows for unauthorized modification and potential social engineering attacks

CVE-2004-1778 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

Skype 0.92.0.12 and 1.0.0.1 for Linux, and possibly other versions, creates the /usr/share/skype/lang directory with world-writable permissions, which allows local users to modify language files and possibly conduct social engineering or other attacks.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.