CVE-2017-9948

high

Description

A stack buffer overflow vulnerability has been discovered in Microsoft Skype 7.2, 7.35, and 7.36 before 7.37, involving MSFTEDIT.DLL mishandling of remote RDP clipboard content within the message box.

References

Advisories

https://www.vulnerability-lab.com/get_content.php?id=2084

https://www.vulnerability-lab.com/get_content.php?id=2071

https://www.vulnerability-db.com/?q=articles/2017/05/28/stack-buffer-overflow-zero-day-vulnerability-uncovered-microsoft-skype-v72-v735

http://www.securityfocus.com/bid/99281

Details

Source: Mitre, NVD

Published: 2017-06-26

Updated: 2025-04-20

Risk Information

CVSS v2

Base Score: 6.5

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.05307

Detections

Analytics