CVE-2017-9948

HIGH

Microsoft Skype 7.2-7.36 - Stack Buffer Overflow via RDP Clipboard Content

Title source: llm
STIX 2.1

Description

A stack buffer overflow vulnerability has been discovered in Microsoft Skype 7.2, 7.35, and 7.36 before 7.37, involving MSFTEDIT.DLL mishandling of remote RDP clipboard content within the message box.

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/99281
Mailing List, Third Party Advisory x_refsource_misc
https://www.vulnerability-lab.com/get_content.php?id=2071
Mailing List, Third Party Advisory x_refsource_misc
https://www.vulnerability-lab.com/get_content.php?id=2084

Scores

CVSS v3 8.8
EPSS 0.0643
EPSS Percentile 92.9%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-119
Status published
Products (3)
microsoft/skype 7.2
microsoft/skype 7.35
microsoft/skype 7.36
Published Jun 26, 2017
Tracked Since Feb 18, 2026