CVE-2019-0932
published 2019-05-16CVE-2019-0932: An information disclosure vulnerability exists in Skype for Android, aka 'Skype for Android Information Disclosure Vulnerability'.
PriorityP430medium5.9CVSS 3.0
AVNACHPRNUINSUCHINAN
EPSS
4.94%
91.1th percentile
An information disclosure vulnerability exists in Skype for Android, aka 'Skype for Android Information Disclosure Vulnerability'.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | skype | — | — |
| microsoft | skype | — | — |
| msrc | skype_8.35_when_installed_on_android_devices | — | — |
CVSS provenance
nvdv3.05.9MEDIUMCVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:P/I:N/A:N
vendor_msrc5.9HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Microsoft
Skype for Android Information Disclosure Vulnerability
vendor_msrc·2019-05-14·CVSS 5.9
CVE-2019-0932 [MEDIUM] Skype for Android Information Disclosure Vulnerability
Skype for Android Information Disclosure Vulnerability
Description: An information disclosure vulnerability exists in Skype for Android. An attacker that exploited the vulnerability could listen to the conversation of a Skype for Android user without the user’s knowledge.
To exploit the vulnerability, an attacker would need to call an Android phone with Skype for Android installed that’s also paired with a Bluetooth device.
The security update addresses the vulnerability by correcting how Skype for Android answers incoming calls.
FAQ: What type of information could be disclosed by this vulnerability?
The type of information that could be disclosed if an attacker successfully exploited this vulnerability is audio from a cellular phone call.
FAQ: How do I get the update for Skype for Andr
GHSA
GHSA-5g2m-r7fq-6mhc: An information disclosure vulnerability exists in Skype for Android, aka 'Skype for Android Information Disclosure Vulnerability'
ghsa_unreviewed·2022-05-24
CVE-2019-0932 [MEDIUM] GHSA-5g2m-r7fq-6mhc: An information disclosure vulnerability exists in Skype for Android, aka 'Skype for Android Information Disclosure Vulnerability'
An information disclosure vulnerability exists in Skype for Android, aka 'Skype for Android Information Disclosure Vulnerability'.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2019-05-16
Published