CVE-2005-3267

Integer overflow in Skype client before 1.4.x.84 on Windows, before 1.3.x.17 on Mac OS, before 1.2.x.18 on Linux, and 1.1.x.6 and earlier allows remote attackers to cause a denial of service (crash) via crafted network data with a large Object Counter value, which leads to a resultant heap-based buffer overflow.

Affected Software

Name	Vendor	Start Version	End Version
Skype	Skype_technologies	0.92.0.12 (including)	0.92.0.12 (including)
Skype	Skype_technologies	0.93.0.3 (including)	0.93.0.3 (including)
Skype	Skype_technologies	0.98.0.04 (including)	0.98.0.04 (including)
Skype	Skype_technologies	1.0.0.1 (including)	1.0.0.1 (including)
Skype	Skype_technologies	1.0.0.7 (including)	1.0.0.7 (including)
Skype	Skype_technologies	1.0.0.9 (including)	1.0.0.9 (including)
Skype	Skype_technologies	1.0.0.10 (including)	1.0.0.10 (including)
Skype	Skype_technologies	1.0.0.18 (including)	1.0.0.18 (including)
Skype	Skype_technologies	1.0.0.29 (including)	1.0.0.29 (including)
Skype	Skype_technologies	1.0.0.94 (including)	1.0.0.94 (including)
Skype	Skype_technologies	1.0.0.97 (including)	1.0.0.97 (including)
Skype	Skype_technologies	1.0.0.100 (including)	1.0.0.100 (including)
Skype	Skype_technologies	1.1.0.0 (including)	1.1.0.0 (including)
Skype	Skype_technologies	1.1.0.20 (including)	1.1.0.20 (including)
Skype	Skype_technologies	1.1.06 (including)	1.1.06 (including)
Skype	Skype_technologies	1.2.0.17 (including)	1.2.0.17 (including)
Skype	Skype_technologies	1.3.0.16 (including)	1.3.0.16 (including)
Skype	Skype_technologies	1.4.0.83 (including)	1.4.0.83 (including)

NVD	https://nvd.nist.gov/vuln/detail/CVE-2005-3267
CWE	https://cwe.mitre.org/data/definitions/189.html

Affected Software

References