CVE-2004-1777

Exploit

EPSS 0.92%
Veröffentlicht 31.12.2004 05:00:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

A "range check error" in Skype for Windows before 0.98.0.28 allows local and remote attackers to cause a denial of service (application crash) via long command line arguments or a long callto:// URL, a different vulnerability than CVE-2004-1114.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 7

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Skype Technologies ≫ Skype Version <= 0.98.0.27

Skype Technologies ≫ Skype Version0.98.0.04

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.92%	0.737

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:N/A:P

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://lists.virus.org/bugtraq-0406/msg00221.html

Exploit

http://securitytracker.com/id?1010490

Exploit

http://www.osvdb.org/11860

http://www.skype.com/security/ssa-2004-01.html

Patch

https://nvd.nist.gov/vuln/detail/CVE-2004-1777

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2004-1777

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2004-1777

EUVD