oval:org.mitre.oval:def:26528

Definition Id: oval:org.mitre.oval:def:26528

Oval ID:	oval:org.mitre.oval:def:26528
Title:	Cross-zone scripting vulnerability
Description:	Cross-zone scripting vulnerability in the Internet Explorer web control in Skype 3.6.0.244, and earlier 3.5.x and 3.6.x versions, on Windows allows user-assisted remote attackers to inject arbitrary web script or HTML in the Local Machine Zone via the Description and unspecified other metadata fields of a Metacafe movie submitted by Metacafe Pro to the Skype video gallery, accessible through a search within the (1) "Add video to chat" or (2) "Add video to mood" dialog, a different vector than CVE-2008-0454.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2008-0583	Version:	3
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows 8.1	Product(s):	Skype
Definition Synopsis:
Skype is installed AND Check if Skype file version is greater than or equal to 3.5.0.0 AND Check if Skype file version is less than or equal to 3.6.0.244

Definition Id: oval:org.mitre.oval:def:11875

Oval ID:	oval:org.mitre.oval:def:11875
Title:	Skype is installed
Description:	Skype is installed
Family:	windows	Class:	inventory
Reference(s):	cpe:/a:microsoft:skype	Version:	7
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows 8.1	Product(s):	Skype
Definition Synopsis:
Check whether Skype is installed
Referenced By:
oval:org.mitre.oval:def:26528