402 matches found
CVE-2014-1823
Cross-site scripting XSS vulnerability in the Web Components Server in Microsoft Lync Server 2010 and 2013 allows remote attackers to inject arbitrary web script or HTML via a crafted URL containing a valid meeting ID, aka "Lync Server Content Sanitization Vulnerability."...
MS14-032: Vulnerability in Microsoft Lync Server Could Allow Information Disclosure (2969258)
The version of Microsoft Lync Server installed on the remote host is affected by an information disclosure vulnerability that can be exploited by tricking a user into clicking a specially crafted URL. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid74424;...
Microsoft Lync Server Information Disclosure Vulnerability (2969258)
This host is missing an important security update according to Microsoft Bulletin MS14-032. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Microsoft Lync Server CVE-2014-1823 Information Disclosure Vulnerability
Description Microsoft Lync Server is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Lync Server 2010 Microsoft Lync Server 2013 Recommendations Run all software as ...
Microsoft Lync Server Information Disclosure (MS14-032; CVE-2014-1823)
An information disclosure vulnerability exists when Lync Server fails to properly sanitize specially crafted content. The vulnerability is caused when Lync Server does not properly sanitize specially crafted content. An attacker who successfully exploited this vulnerability could potentially...
Description of the update package for Lync Server 2010, Web Components Server: April 2011
Describes the bugs that are resolved in the April, 2011 cumulative update package for Lync Server 2010, Web Components Server.SummaryThis article describes the issues that are fixed in the update package for Microsoft Lync Server 2010, Web Components Server that is dated April 2011.This article...
Description of the cumulative update for Lync Server 2010, Unified Communications Managed API 3.0 Runtime: April 2011
Describes the cumulative update for Lync Server 2010, Unified Communications Managed API 3.0 Runtime that is dated April 2011.SummaryThis article describes the Microsoft Lync Server 2010, Unified Communications Managed API 3.0 Runtime issue that is fixed in the cumulative update for Lync Server...
Description of the cumulative update for Lync Server 2010: July 2011
Describes the bug that is resolved in the July, 2011 cumulative update package for Lync Server 2010.SummaryThis article describes the cumulative update for Microsoft Lync Server 2010 that is dated July, 2011. INTRODUCTIONIssues that this update package fixesThis cumulative update fixes the...
Description of the cumulative update for Lync Server 2010, Web Conferencing Server: July 2011
Describes the cumulative update for Lync Server 2010, Web Conferencing Server that is dated July 2011.SummaryThis article describes the cumulative update for Microsoft Lync Server 2010, Web Conferencing Server that is dated July 2011. ResolutionUpdate package informationMicrosoft Download CenterT...
Description of the cumulative update for Lync Server 2010, Mediation Server: November 2011
Describes the bugs that are fixed in the November, 2011 cumulative update package for Lync Server 2010.SummaryThis article describes the issue that is fixed in the update package for Microsoft Lync Server 2010, Mediation Server that is dated November 2011.This article describes the following item...
Description of the update for Lync Server 2010, Web Conferencing Server: January 2012
Describes the update for Lync Server 2010, Web Conferencing Server that is dated January 2012.SummaryThis article describes the update for Microsoft Lync Server 2010, Web Conferencing Server that is dated January 2012. This update improves the reliability, stability and performance of Lync Server...
Description of the cumulative update for Lync Server 2010, Administrative Tools: February 2012
Describes the issues that are resolved in the cumulative update package for Lync Server 2010, Administration Tools that is dated February 2012.SummaryThis article describes the issues that are fixed in the update package for Microsoft Lync Server 2010, Administration Tools that is dated February...
Description of the update for Lync Server 2010, Core Components: March 2012
Describes the update for Lync Server 2010, Core Components that is dated March 2012.SummaryThis article describes the update for Microsoft Lync Server 2010, Core Components that is dated March 2012.INTRODUCTIONThis update improves the reliability, stability, and performance of Lync Server 2010,...
Microsoft Lync Installed
Microsoft Lync previously known as Microsoft Office Communications is installed on the remote host. Microsoft Lync provides communications services such as instant messaging, VoIP, and video conferencing. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid68879;...
Microsoft Lync Server 2010 reachLocale Parameter XSS
According to its self-reported version number, the version of Web Components Server a component of Microsoft Lync 2010 has a cross-site scripting vulnerability. Input passed to the 'reachLocale' parameter of ReachJoin.aspx is not properly sanitized. An attacker could exploit this by tricking a us...
Code injection
Microsoft Communicator 2007 R2, Lync 2010, Lync 2010 Attendee, and Lync Server 2013 do not properly handle objects in memory, which allows remote attackers to execute arbitrary code via an invitation that triggers access to a deleted object, aka "Lync RCE Vulnerability."...
CVE-2013-1302
The CVE-2013-1302 issue affects Microsoft Lync-related clients and servers (Communicator 2007 R2, Lync 2010, Lync 2010 Attendee, Lync Server 2013). It is a use-after-free in which Lync components fail to handle memory objects that have been deleted, enabling remote code execution when a user is i...
Microsoft Lync Server Version Detection
Detects the installed version of Microsoft Lync Server. The script logs in via smb, searches for Microsoft Lync Server in the registry and gets the version from Copyright C 2013 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...
Microsoft Lync Server Remote Code Execution Vulnerability (2834695)
This host is missing an important security update according to Microsoft Bulletin MS13-041. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Microsoft Lync Version Detection
Detects the installed version of Microsoft Lync. The script logs in via smb, searches for Microsoft Lync in the registry and gets the version from Copyright C 2012 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective...