NVD

Id
83785  
Name
CVE-2017-6517  
Description
Microsoft Skype 7.16.0.102 contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on the targeted system. This vulnerability exists due to the way .dll files are loaded by Skype. It allows an attacker to load a .dll of the attacker's choosing that could execute arbitrary code without the user's knowledge.The specific flaw exists within the handling of DLL (api-ms-win-core-winrt-string-l1-1-0.dll) loading by the Skype.exe process.  
Reject
 
CVSS Version
2  
CVSS Score
10  
Severity
High  
CVSS Base Score
10  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:C/I:C/A:C)  
Pub Date
2017-07-18  
Published
2017-03-23  
Modified Date
2017-07-10  
Seq
2017-6517  

Actions

Related NVD References

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
65841 JVNDB-2017-002180 Microsoft Skype における任意のコードを実行される脆弱性 Microsoft Skype には、Skype.exe プロセスによる api-ms-win-core-winrt-string-l1-1-0.dll のロードに関する処理に不備があるため、任意のコードを実行される脆弱性が存在します。 CVE-2017-6517 CVE-2017-6517 83785 10 9.8 http://jvndb.jvn.jp/ja/contents/2017/JVNDB-2017-002180.html 2017-03-15 2017-03-31 View