Incomplete blacklist vulnerability in Skype 3.6.0.248, and other versions before 3.8.0.139, allows user-assisted remote attackers to bypass warning dialogs and possibly execute arbitrary code via a file: URI that ends in an executable extension that is not covered by the blacklist.
Conclusion & alert: CVE-2008-1805 is rated High Risk (66.7/100): CVSS Critical severity, with medium exploitation likelihood (EPSS 2.02%). Mandatory action: High exploitation likelihood—assess exposure and prioritize remediation.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).
| # | Date | Old EPSS score | New EPSS score | Delta (New - Old) |
|---|---|---|---|---|
| 1 | 2025-10-27 | 1.69% | 2.02% | +0.34% |
| 2 | 2025-03-30 | 2.36% | 1.69% | -0.67% |
| 3 | 2025-03-29 | — | 2.36% | — |
Full EPSS history (13 records total)
CVSS metrics for this CVE.
| Base score | Version | Severity | Vector | Exploitability | Impact | Score source |
|---|---|---|---|---|---|---|
| 9.3 | 2.0 | HIGH |
|
8.6 | 10.0 | [email protected] |
| Vendor | Product | Version | Raw CPE |
|---|---|---|---|
| skype_technologies | skype | <= 3.8.0.115 | cpe:2.3:a:skype_technologies:skype:*:*:*:*:*:*:*:* |
| skype_technologies | skype | 3.0.0.106 | cpe:2.3:a:skype_technologies:skype:3.0.0.106:beta:*:*:*:*:*:* |
| skype_technologies | skype | 3.0.0.123 | cpe:2.3:a:skype_technologies:skype:3.0.0.123:beta:*:*:*:*:*:* |
| skype_technologies | skype | 3.0.0.137 | cpe:2.3:a:skype_technologies:skype:3.0.0.137:beta:*:*:*:*:*:* |
| skype_technologies | skype | 3.0.0.154 | cpe:2.3:a:skype_technologies:skype:3.0.0.154:beta:*:*:*:*:*:* |
| skype_technologies | skype | 3.0.0.190 | cpe:2.3:a:skype_technologies:skype:3.0.0.190:*:*:*:*:*:*:* |
| skype_technologies | skype | 3.0.0.198 | cpe:2.3:a:skype_technologies:skype:3.0.0.198:*:*:*:*:*:*:* |
| skype_technologies | skype | 3.0.0.205 | cpe:2.3:a:skype_technologies:skype:3.0.0.205:*:*:*:*:*:*:* |
| skype_technologies | skype | 3.0.0.209 | cpe:2.3:a:skype_technologies:skype:3.0.0.209:*:*:*:*:*:*:* |
| skype_technologies | skype | 3.0.0.214 | cpe:2.3:a:skype_technologies:skype:3.0.0.214:*:*:*:*:*:*:* |
| skype_technologies | skype | 3.0.0.216 | cpe:2.3:a:skype_technologies:skype:3.0.0.216:*:*:*:*:*:*:* |
| skype_technologies | skype | 3.0.0.217 | cpe:2.3:a:skype_technologies:skype:3.0.0.217:*:*:*:*:*:*:* |
| skype_technologies | skype | 3.0.0.218 | cpe:2.3:a:skype_technologies:skype:3.0.0.218:*:*:*:*:*:*:* |
| skype_technologies | skype | 3.1.0.112 | cpe:2.3:a:skype_technologies:skype:3.1.0.112:beta:*:*:*:*:*:* |
| skype_technologies | skype | 3.1.0.134 | cpe:2.3:a:skype_technologies:skype:3.1.0.134:beta:*:*:*:*:*:* |
| skype_technologies | skype | 3.1.0.144 | cpe:2.3:a:skype_technologies:skype:3.1.0.144:*:*:*:*:*:*:* |
| skype_technologies | skype | 3.1.0.147 | cpe:2.3:a:skype_technologies:skype:3.1.0.147:*:*:*:*:*:*:* |
| skype_technologies | skype | 3.1.0.150 | cpe:2.3:a:skype_technologies:skype:3.1.0.150:*:*:*:*:*:*:* |
| skype_technologies | skype | 3.1.0.152 | cpe:2.3:a:skype_technologies:skype:3.1.0.152:*:*:*:*:*:*:* |
| skype_technologies | skype | 3.2.0.53 | cpe:2.3:a:skype_technologies:skype:3.2.0.53:beta:*:*:*:*:*:* |
| skype_technologies | skype | 3.2.0.63 | cpe:2.3:a:skype_technologies:skype:3.2.0.63:beta:*:*:*:*:*:* |
| skype_technologies | skype | 3.2.0.82 | cpe:2.3:a:skype_technologies:skype:3.2.0.82:beta:*:*:*:*:*:* |
| skype_technologies | skype | 3.2.0.115 | cpe:2.3:a:skype_technologies:skype:3.2.0.115:beta:*:*:*:*:*:* |
| skype_technologies | skype | 3.2.0.145 | cpe:2.3:a:skype_technologies:skype:3.2.0.145:*:*:*:*:*:*:* |
| skype_technologies | skype | 3.2.0.148 | cpe:2.3:a:skype_technologies:skype:3.2.0.148:*:*:*:*:*:*:* |
| skype_technologies | skype | 3.2.0.152 | cpe:2.3:a:skype_technologies:skype:3.2.0.152:*:*:*:*:*:*:* |
| skype_technologies | skype | 3.2.0.158 | cpe:2.3:a:skype_technologies:skype:3.2.0.158:*:*:*:*:*:*:* |
| skype_technologies | skype | 3.2.0.163 | cpe:2.3:a:skype_technologies:skype:3.2.0.163:*:*:*:*:*:*:* |
| skype_technologies | skype | 3.2.0.175 | cpe:2.3:a:skype_technologies:skype:3.2.0.175:*:*:*:*:*:*:* |
| skype_technologies | skype | 3.5.0.107 | cpe:2.3:a:skype_technologies:skype:3.5.0.107:beta:*:*:*:*:*:* |
| skype_technologies | skype | 3.5.0.158 | cpe:2.3:a:skype_technologies:skype:3.5.0.158:beta:*:*:*:*:*:* |
| skype_technologies | skype | 3.5.0.178 | cpe:2.3:a:skype_technologies:skype:3.5.0.178:beta:*:*:*:*:*:* |
| skype_technologies | skype | 3.5.0.202 | cpe:2.3:a:skype_technologies:skype:3.5.0.202:*:*:*:*:*:*:* |
| skype_technologies | skype | 3.5.0.214 | cpe:2.3:a:skype_technologies:skype:3.5.0.214:*:*:*:*:*:*:* |
| skype_technologies | skype | 3.5.0.229 | cpe:2.3:a:skype_technologies:skype:3.5.0.229:*:*:*:*:*:*:* |
| skype_technologies | skype | 3.5.0.234 | cpe:2.3:a:skype_technologies:skype:3.5.0.234:*:*:*:*:*:*:* |
| skype_technologies | skype | 3.5.0.239 | cpe:2.3:a:skype_technologies:skype:3.5.0.239:*:*:*:*:*:*:* |
| skype_technologies | skype | 3.6.0.127 | cpe:2.3:a:skype_technologies:skype:3.6.0.127:beta:*:*:*:*:*:* |
| skype_technologies | skype | 3.6.0.159 | cpe:2.3:a:skype_technologies:skype:3.6.0.159:beta:*:*:*:*:*:* |
| skype_technologies | skype | 3.6.0.216 | cpe:2.3:a:skype_technologies:skype:3.6.0.216:*:*:*:*:*:*:* |
| skype_technologies | skype | 3.6.0.244 | cpe:2.3:a:skype_technologies:skype:3.6.0.244:*:*:*:*:*:*:* |
| skype_technologies | skype | 3.6.0.248 | cpe:2.3:a:skype_technologies:skype:3.6.0.248:*:*:*:*:*:*:* |
| skype_technologies | skype | 3.8.0.96 | cpe:2.3:a:skype_technologies:skype:3.8.0.96:beta:*:*:*:*:*:* |