402 matches found
Skype for Business and Lync Spoofing Vulnerability
A spoofing vulnerability exists when a Lync Server or Skype for Business Server does not properly sanitize a specially crafted request. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected server. The attacker who successfully exploited...
Should You Send Your Pen Test Report to the MSRC?
Every day, the Microsoft Security Response Center MSRC receives vulnerability reports from security researchers, technology/industry partners, and customers. We want those reports, because they help us make our products and services more secure. High-quality reports that include proof of concept,...
Description of the update for Lync Server 2010, Mobility Service: March 2012
Describes the update for Lync Server 2010, Mobility Service that is dated March 2012.SummaryThis article describes the update for Microsoft Lync Server 2010, Mobility Service that is dated March 2012.INTRODUCTIONThis update improves the reliability, stability and performance of Lync Server 2010,...
Description of the cumulative update for Lync Server 2010, Unified Communications Managed API 3.0 Runtime: July 2011
Describes the cumulative update for Lync Server 2010, Unified Communications Managed API 3.0 Runtime that is dated July 2011.SummaryThis article describes the Microsoft Lync Server 2010, Unified Communications Managed API 3.0 Runtime issue that is fixed in the cumulative update for Lync Server...
Description of the cumulative update for Lync Server 2010, Core Components: April 2011
Describes the cumulative update for Lync Server 2010, Core Components that is dated April 2011.SummaryThis article describes the Microsoft Lync Server 2010, Core Components issue that is fixed in the cumulative update for Lync Server 2010, Core Components that is dated April, 2011. This article...
Description of the cumulative update for Lync Server 2010, Mediation Server: April 2011
Describes the bugs that are fixed in the Aptil, 2011 cumulative update package for Communicator 2007 R2.SummaryThis article describes the issues that are fixed in the update package for Microsoft Lync Server 2010, Web Components Server that is dated April, 2011.This article describes the followin...
Microsoft Skype for Business and Lync Server Remote Code Execution Vulnerability
Microsoft Skype is a suite of instant messaging software from the American company Microsoft. A remote code execution vulnerability exists in Microsoft Skype for Business and Lync Server. An attacker is allowed to exploit the vulnerability to execute arbitrary code within the context of the...
Microsoft Skype for Business and Lync Server CVE-2017-8550 Remote Code Execution Vulnerability
Description Microsoft Skype for Business and Lync Server are prone to a remote code-execution vulnerability. Successfully exploiting this issue may result in the execution of arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service...
HPE Sizer for Microsoft Lync Server Remote Arbitrary Code Execution Vulnerability
HPE Sizer for Microsoft Lync Server is prone to a remote arbitrary code execution vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-onl...
HPE Sizing for Microsoft Lync Server Detection (Windows SMB Login)
Detects the installed version of HPE Sizing Tool for Microsoft Lync Server. The script logs in via smb, searches for SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
Vulnerability of Microsoft Lync Server software, allowing a remote attacker to compromise protected information
A cross-site scripting implementation that allows access to confidential information exists in Lync Server. This implementation is related to the improper processing browsing of specially crafted content. If it operates successfully, a malicious individual can execute scripts in the user’s browse...
The vulnerability of Microsoft Lync Server software allows a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information.
A vulnerability that allows for remote execution of code exists in vulnerable components and is related to the processing of specially crafted font files. Exploiting this vulnerability enables remote execution of code, provided that the user opens a specially crafted file or webpage. Exploiting...
The vulnerability of Microsoft Lync Server software allows a malicious attacker to compromise the accessibility of protected information.
The vulnerability in Lync Server allows a malicious individual to trigger a system failure...
The vulnerability of Microsoft Lync Server software allows a malicious attacker to compromise the accessibility of protected information.
The vulnerability in Lync Server allows a malicious individual to trigger a system failure...
Vulnerability of Microsoft Lync Server software, allowing a remote attacker to compromise protected information
A vulnerability that allows access to confidential information exists in Lync Server. This vulnerability is related to the improper processing e.g., filtering of specially crafted content. If exploited successfully, a malicious individual can execute scripts in the user’s browser and gain access ...
Microsoft Skype for Business and Lync Server CVE-2015-6061 Security Bypass Vulnerability
Description Microsoft Skype for Business and Lync Server are prone to a security-bypass vulnerability. An attacker can leverage this issue to bypass certain security restrictions and perform unauthorized actions. Technologies Affected Microsoft Lync 2010 32-bit Microsoft Lync 2010 64-bit Microsof...
The vulnerability of Microsoft Lync Server’s messaging server allows a hacker to inject arbitrary web or HTML code.
The vulnerability of Microsoft Lync Server’s messaging server exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to inject arbitrary web or HTML code through a specially crafted URL...
The vulnerability of Skype for Business Server and Microsoft Lync Server allows a hacker to inject arbitrary web or HTML code.
The vulnerabilities of Skype for Business Server and Microsoft Lync Server exist due to the lack of measures taken to protect the website structure. Exploiting these vulnerabilities allows a malicious actor to inject arbitrary web or HTML code through a specially crafted URL...
The vulnerabilities of Microsoft Lync Server and Skype for Business Server allow attackers to inject arbitrary web or HTML code.
The vulnerability of the jQuery server messaging components in Microsoft Lync Server and Skype for Business Server exists due to the lack of protective measures for the website structure. Exploiting this vulnerability allows a malicious actor to inject arbitrary web or HTML code through a special...
Microsoft Lync Server / Skype for Business crossite scripting
Multiple crossite scripting possibilities...