Posts Tagged ‘security vulnerability’

Skype

Critical vulnerability in Skype

Critical security vulnerability found in Skype (the service voice and video). The vulnerability allows to hack any account of Skype.

To crack only need to know the email address of the victim. Hacking scheme is as follows:

  • You need to register a new Skype Name to e-mail the victim (technically possible);
  • After that, you must log in to your new account, delete all cookie files and request password recovery;
  • After that, the window will be notified of Skype “password token”, which referred to;
  • This link, the user can select which kind login Skype, registered at the address of e-mail, he wants to change the password;
  • Among these logins will be like the one that the user has just registered on another e-mail, and username of the owner of this e-mail;
  • So, with no access to other people’s box and without the knowledge of the old password, you can change someone else’s password. (more…)

Mozilla FirefoxVulnerability: Disclosure of sensitive data in Mozilla Firefox

Danger: Low
Number of vulnerabilities: 1
Impact: Disclosure of sensitive data
Affected products: Mozilla Firefox 16.x

Affected versions: Mozilla Firefox 16.0

Description:

  • The vulnerability allows a remote user to gain access to sensitive data on the system. (more…)