CVE-2004-1777
published 2004-12-31CVE-2004-1777: A "range check error" in Skype for Windows before 0.98.0.28 allows local and remote attackers to cause a denial of service (application crash) via long command…
PriorityP410medium5CVSS 2.0
AVNACLAuNCNINAP
EPSS
1.72%
74.6th percentile
A "range check error" in Skype for Windows before 0.98.0.28 allows local and remote attackers to cause a denial of service (application crash) via long command line arguments or a long callto:// URL, a different vulnerability than CVE-2004-1114.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| skype_technologies | skype | <= 0.98.0.27 | — |
| skype_technologies | skype | — | — |
| skype_technologies | skype | — | — |
| skype_technologies | skype | — | — |
| skype_technologies | skype | — | — |
| skype_technologies | skype | — | — |
| skype_technologies | skype | — | — |
| skype_technologies | skype | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-vr53-8hj3-vc9j: Buffer overflow in the handling of command line arguments in Skype 1
ghsa_unreviewed·2022-04-29·CVSS 5.0
CVE-2004-1114 [MEDIUM] CWE-119 GHSA-vr53-8hj3-vc9j: Buffer overflow in the handling of command line arguments in Skype 1
Buffer overflow in the handling of command line arguments in Skype 1.0.x.94 through 1.0.x.98 allows remote attackers to execute arbitrary code via a callto:// URL with a long non-existent username, a different vulnerability than CVE-2004-1777.
GHSA
GHSA-3cmp-6g7x-v2gr: A "range check error" in Skype for Windows before 0
ghsa_unreviewed·2022-04-29·CVSS 9.3
CVE-2004-1777 [CRITICAL] CWE-20 GHSA-3cmp-6g7x-v2gr: A "range check error" in Skype for Windows before 0
A "range check error" in Skype for Windows before 0.98.0.28 allows local and remote attackers to cause a denial of service (application crash) via long command line arguments or a long callto:// URL, a different vulnerability than CVE-2004-1114.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://lists.virus.org/bugtraq-0406/msg00221.htmlhttp://securitytracker.com/id?1010490http://www.osvdb.org/11860http://www.skype.com/security/ssa-2004-01.htmlhttp://lists.virus.org/bugtraq-0406/msg00221.htmlhttp://securitytracker.com/id?1010490http://www.osvdb.org/11860http://www.skype.com/security/ssa-2004-01.html
2004-12-31
Published