CVE-2017-6517

Skype 7.16.0.102 DLL Hijacking

Severity Score

9.8

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Microsoft Skype 7.16.0.102 contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on the targeted system. This vulnerability exists due to the way .dll files are loaded by Skype. It allows an attacker to load a .dll of the attacker's choosing that could execute arbitrary code without the user's knowledge.The specific flaw exists within the handling of DLL (api-ms-win-core-winrt-string-l1-1-0.dll) loading by the Skype.exe process.

Microsoft Skype 7.16.0.102 contiene una vulnerabilidad que podría permitir a un atacante remoto no autenticado ejecutar código arbitrario en el sistema de destino. Esta vulnerabilidad existe debido a la forma en que Skype carga los archivos .dll. Permite a un atacante cargar un .dll de su elección que podría ejecutar código arbitrario sin conocimiento del usuario. La falla específica existe dentro del manejo de carga de DLL (api-ms-win-core-winrt-string-l1-1-0 .dll) por el proceso de Skype.exe.

Skype version 7.16.0.102 suffers from a dll hijacking vulnerability.

*Credits: N/A

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

Complete

Integrity

Complete

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2017-03-07 CVE Reserved
2017-03-15 CVE Published
2024-06-23 EPSS Updated
2024-08-05 CVE Updated
2024-08-05 First Exploit
---------- Exploited in Wild
---------- KEV Due Date

CWE

CWE-427: Uncontrolled Search Path Element

CAPEC

References (7)

URL	Tag	Source
http://seclists.org/fulldisclosure/2017/Mar/44	Mailing List
http://www.securityfocus.com/bid/96969	Third Party Advisory
http://www.securitytracker.com/id/1038209	Vdb Entry
https://technet.microsoft.com/security/cc308575.aspx	Not Applicable
https://twitter.com/tiger_tigerboy/status/755332687141883904	Media Coverage
https://twitter.com/vysecurity/status/845013670103003138	Media Coverage

URL	Date	SRC
http://packetstormsecurity.com/files/141650/Skype-7.16.0.102-DLL-Hijacking.html	2024-08-05

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Microsoft Search vendor "Microsoft"		Skype Search vendor "Microsoft" for product "Skype"				7.16.0.102 Search vendor "Microsoft" for product "Skype" and version "7.16.0.102"		-		Affected