Lucene search
K

402 matches found

Cvelist
Cvelist
added 2014/06/11 1:0 a.m.31 views

CVE-2014-1823

Cross-site scripting XSS vulnerability in the Web Components Server in Microsoft Lync Server 2010 and 2013 allows remote attackers to inject arbitrary web script or HTML via a crafted URL containing a valid meeting ID, aka "Lync Server Content Sanitization Vulnerability."...

5.4AI score0.5109EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2014/06/11 12:0 a.m.34 views

MS14-032: Vulnerability in Microsoft Lync Server Could Allow Information Disclosure (2969258)

The version of Microsoft Lync Server installed on the remote host is affected by an information disclosure vulnerability that can be exploited by tricking a user into clicking a specially crafted URL. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid74424;...

4.3CVSS5.5AI score0.5109EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2014/06/11 12:0 a.m.26 views

Microsoft Lync Server Information Disclosure Vulnerability (2969258)

This host is missing an important security update according to Microsoft Bulletin MS14-032. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

4.3CVSS5AI score0.5109EPSS
Exploits0References3
Symantec
Symantec
added 2014/06/10 12:0 a.m.27 views

Microsoft Lync Server CVE-2014-1823 Information Disclosure Vulnerability

Description Microsoft Lync Server is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Lync Server 2010 Microsoft Lync Server 2013 Recommendations Run all software as ...

4.3CVSS6.3AI score0.5109EPSS
Exploits0Affected Software1
Check Point Advisories
Check Point Advisories
added 2014/06/10 12:0 a.m.2 views

Microsoft Lync Server Information Disclosure (MS14-032; CVE-2014-1823)

An information disclosure vulnerability exists when Lync Server fails to properly sanitize specially crafted content. The vulnerability is caused when Lync Server does not properly sanitize specially crafted content. An attacker who successfully exploited this vulnerability could potentially...

4.3CVSS5.7AI score0.5109EPSS
Exploits0
Microsoft KB
Microsoft KB
added 2013/09/04 11:17 a.m.15 views

Description of the update package for Lync Server 2010, Web Components Server: April 2011

Describes the bugs that are resolved in the April, 2011 cumulative update package for Lync Server 2010, Web Components Server.SummaryThis article describes the issues that are fixed in the update package for Microsoft Lync Server 2010, Web Components Server that is dated April 2011.This article...

6.4AI score
Exploits0
Microsoft KB
Microsoft KB
added 2013/09/04 11:15 a.m.123 views

Description of the cumulative update for Lync Server 2010, Unified Communications Managed API 3.0 Runtime: April 2011

Describes the cumulative update for Lync Server 2010, Unified Communications Managed API 3.0 Runtime that is dated April 2011.SummaryThis article describes the Microsoft Lync Server 2010, Unified Communications Managed API 3.0 Runtime issue that is fixed in the cumulative update for Lync Server...

0.2AI score
Exploits0
Microsoft KB
Microsoft KB
added 2013/09/04 10:24 a.m.20 views

Description of the cumulative update for Lync Server 2010: July 2011

Describes the bug that is resolved in the July, 2011 cumulative update package for Lync Server 2010.SummaryThis article describes the cumulative update for Microsoft Lync Server 2010 that is dated July, 2011. INTRODUCTIONIssues that this update package fixesThis cumulative update fixes the...

6.5AI score
Exploits0
Microsoft KB
Microsoft KB
added 2013/09/04 10:21 a.m.14 views

Description of the cumulative update for Lync Server 2010, Web Conferencing Server: July 2011

Describes the cumulative update for Lync Server 2010, Web Conferencing Server that is dated July 2011.SummaryThis article describes the cumulative update for Microsoft Lync Server 2010, Web Conferencing Server that is dated July 2011. ResolutionUpdate package informationMicrosoft Download CenterT...

0.1AI score
Exploits0
Microsoft KB
Microsoft KB
added 2013/09/04 9:49 a.m.17 views

Description of the cumulative update for Lync Server 2010, Mediation Server: November 2011

Describes the bugs that are fixed in the November, 2011 cumulative update package for Lync Server 2010.SummaryThis article describes the issue that is fixed in the update package for Microsoft Lync Server 2010, Mediation Server that is dated November 2011.This article describes the following item...

6.3AI score
Exploits0
Microsoft KB
Microsoft KB
added 2013/09/04 9:44 a.m.21 views

Description of the update for Lync Server 2010, Web Conferencing Server: January 2012

Describes the update for Lync Server 2010, Web Conferencing Server that is dated January 2012.SummaryThis article describes the update for Microsoft Lync Server 2010, Web Conferencing Server that is dated January 2012. This update improves the reliability, stability and performance of Lync Server...

6.6AI score
Exploits0
Microsoft KB
Microsoft KB
added 2013/09/04 9:36 a.m.11 views

Description of the cumulative update for Lync Server 2010, Administrative Tools: February 2012

Describes the issues that are resolved in the cumulative update package for Lync Server 2010, Administration Tools that is dated February 2012.SummaryThis article describes the issues that are fixed in the update package for Microsoft Lync Server 2010, Administration Tools that is dated February...

Exploits0
Microsoft KB
Microsoft KB
added 2013/09/03 3:17 a.m.9 views

Description of the update for Lync Server 2010, Core Components: March 2012

Describes the update for Lync Server 2010, Core Components that is dated March 2012.SummaryThis article describes the update for Microsoft Lync Server 2010, Core Components that is dated March 2012.INTRODUCTIONThis update improves the reliability, stability, and performance of Lync Server 2010,...

Exploits0
Tenable Nessus
Tenable Nessus
added 2013/07/14 12:0 a.m.88 views

Microsoft Lync Installed

Microsoft Lync previously known as Microsoft Office Communications is installed on the remote host. Microsoft Lync provides communications services such as instant messaging, VoIP, and video conferencing. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid68879;...

5.5AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2013/07/14 12:0 a.m.22 views

Microsoft Lync Server 2010 reachLocale Parameter XSS

According to its self-reported version number, the version of Web Components Server a component of Microsoft Lync 2010 has a cross-site scripting vulnerability. Input passed to the 'reachLocale' parameter of ReachJoin.aspx is not properly sanitized. An attacker could exploit this by tricking a us...

5.9AI score
Exploits0References3
Prion
Prion
added 2013/05/15 3:36 a.m.18 views

Code injection

Microsoft Communicator 2007 R2, Lync 2010, Lync 2010 Attendee, and Lync Server 2013 do not properly handle objects in memory, which allows remote attackers to execute arbitrary code via an invitation that triggers access to a deleted object, aka "Lync RCE Vulnerability."...

9.3CVSS8AI score0.2191EPSS
Exploits1References3Affected Software3
CVE
CVE
added 2013/05/15 1:0 a.m.125 views

CVE-2013-1302

The CVE-2013-1302 issue affects Microsoft Lync-related clients and servers (Communicator 2007 R2, Lync 2010, Lync 2010 Attendee, Lync Server 2013). It is a use-after-free in which Lync components fail to handle memory objects that have been deleted, enabling remote code execution when a user is i...

9.3CVSS7.6AI score0.2191EPSS
Exploits1References3Affected Software3
OpenVAS
OpenVAS
added 2013/05/15 12:0 a.m.18 views

Microsoft Lync Server Version Detection

Detects the installed version of Microsoft Lync Server. The script logs in via smb, searches for Microsoft Lync Server in the registry and gets the version from Copyright C 2013 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

0.2AI score
Exploits0
OpenVAS
OpenVAS
added 2013/05/15 12:0 a.m.30 views

Microsoft Lync Server Remote Code Execution Vulnerability (2834695)

This host is missing an important security update according to Microsoft Bulletin MS13-041. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

9.3CVSS5AI score0.2191EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2012/06/13 12:0 a.m.9 views

Microsoft Lync Version Detection

Detects the installed version of Microsoft Lync. The script logs in via smb, searches for Microsoft Lync in the registry and gets the version from Copyright C 2012 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective...

7.3AI score
Exploits0
Rows per page
Query Builder