CVE-2017-9948

CWE-119 — Buffer Overflow3 documents3 sources

Severity

8.8HIGH

EPSS

4.9%

top 10.45%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Skype

Timeline

PublishedJun 26

Latest updateMay 17

Description

A stack buffer overflow vulnerability has been discovered in Microsoft Skype 7.2, 7.35, and 7.36 before 7.37, involving MSFTEDIT.DLL mishandling of remote RDP clipboard content within the message box.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages1 packages

▶NVDmicrosoft/skype7.2, 7.35, 7.36+2

🔴Vulnerability Details

GHSA

GHSA-rwvf-ppqq-h9cm: A stack buffer overflow vulnerability has been discovered in Microsoft Skype 7↗2022-05-17

▶

CVEList

CVE-2017-9948: A stack buffer overflow vulnerability has been discovered in Microsoft Skype 7↗2017-06-26

▶