Lucene search
K

402 matches found

Microsoft CVE
Microsoft CVE
added 2019/01/15 8:0 a.m.49 views

Skype for Business and Lync Spoofing Vulnerability

A spoofing vulnerability exists when a Lync Server or Skype for Business Server does not properly sanitize a specially crafted request. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected server. The attacker who successfully exploited...

5.4CVSS1.3AI score0.01461EPSS
Exploits0
MSRC
MSRC
added 2018/11/12 6:2 p.m.87 views

Should You Send Your Pen Test Report to the MSRC?

Every day, the Microsoft Security Response Center MSRC receives vulnerability reports from security researchers, technology/industry partners, and customers. We want those reports, because they help us make our products and services more secure. High-quality reports that include proof of concept,...

7.2AI score
Exploits0
Microsoft KB
Microsoft KB
added 2018/09/26 2:34 a.m.14 views

Description of the update for Lync Server 2010, Mobility Service: March 2012

Describes the update for Lync Server 2010, Mobility Service that is dated March 2012.SummaryThis article describes the update for Microsoft Lync Server 2010, Mobility Service that is dated March 2012.INTRODUCTIONThis update improves the reliability, stability and performance of Lync Server 2010,...

0.1AI score
Exploits0
Microsoft KB
Microsoft KB
added 2018/09/18 5:31 a.m.24 views

Description of the cumulative update for Lync Server 2010, Unified Communications Managed API 3.0 Runtime: July 2011

Describes the cumulative update for Lync Server 2010, Unified Communications Managed API 3.0 Runtime that is dated July 2011.SummaryThis article describes the Microsoft Lync Server 2010, Unified Communications Managed API 3.0 Runtime issue that is fixed in the cumulative update for Lync Server...

0.2AI score
Exploits0
Microsoft KB
Microsoft KB
added 2018/09/18 4:40 a.m.22 views

Description of the cumulative update for Lync Server 2010, Core Components: April 2011

Describes the cumulative update for Lync Server 2010, Core Components that is dated April 2011.SummaryThis article describes the Microsoft Lync Server 2010, Core Components issue that is fixed in the cumulative update for Lync Server 2010, Core Components that is dated April, 2011. This article...

0.3AI score
Exploits0
Microsoft KB
Microsoft KB
added 2018/09/18 4:20 a.m.19 views

Description of the cumulative update for Lync Server 2010, Mediation Server: April 2011

Describes the bugs that are fixed in the Aptil, 2011 cumulative update package for Communicator 2007 R2.SummaryThis article describes the issues that are fixed in the update package for Microsoft Lync Server 2010, Web Components Server that is dated April, 2011.This article describes the followin...

6.5AI score
Exploits0
CNVD
CNVD
added 2017/06/14 12:0 a.m.3 views

Microsoft Skype for Business and Lync Server Remote Code Execution Vulnerability

Microsoft Skype is a suite of instant messaging software from the American company Microsoft. A remote code execution vulnerability exists in Microsoft Skype for Business and Lync Server. An attacker is allowed to exploit the vulnerability to execute arbitrary code within the context of the...

5.4CVSS8.3AI score0.22433EPSS
Exploits4References1
Symantec
Symantec
added 2017/06/13 12:0 a.m.41 views

Microsoft Skype for Business and Lync Server CVE-2017-8550 Remote Code Execution Vulnerability

Description Microsoft Skype for Business and Lync Server are prone to a remote code-execution vulnerability. Successfully exploiting this issue may result in the execution of arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service...

8.5CVSS1.6AI score0.22433EPSS
Exploits4References1Affected Software1
OpenVAS
OpenVAS
added 2016/10/18 12:0 a.m.25 views

HPE Sizer for Microsoft Lync Server Remote Arbitrary Code Execution Vulnerability

HPE Sizer for Microsoft Lync Server is prone to a remote arbitrary code execution vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-onl...

8.1CVSS8.2AI score0.07197EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2016/10/17 12:0 a.m.8 views

HPE Sizing for Microsoft Lync Server Detection (Windows SMB Login)

Detects the installed version of HPE Sizing Tool for Microsoft Lync Server. The script logs in via smb, searches for SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

7.3AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2016/07/06 12:0 a.m.5 views

Vulnerability of Microsoft Lync Server software, allowing a remote attacker to compromise protected information

A cross-site scripting implementation that allows access to confidential information exists in Lync Server. This implementation is related to the improper processing browsing of specially crafted content. If it operates successfully, a malicious individual can execute scripts in the user’s browse...

4.3CVSS5.3AI score0.10916EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/07/06 12:0 a.m.6 views

The vulnerability of Microsoft Lync Server software allows a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information.

A vulnerability that allows for remote execution of code exists in vulnerable components and is related to the processing of specially crafted font files. Exploiting this vulnerability enables remote execution of code, provided that the user opens a specially crafted file or webpage. Exploiting...

9.3CVSS5.9AI score0.18875EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/07/06 12:0 a.m.5 views

The vulnerability of Microsoft Lync Server software allows a malicious attacker to compromise the accessibility of protected information.

The vulnerability in Lync Server allows a malicious individual to trigger a system failure...

5CVSS5.5AI score0.18986EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/07/06 12:0 a.m.6 views

The vulnerability of Microsoft Lync Server software allows a malicious attacker to compromise the accessibility of protected information.

The vulnerability in Lync Server allows a malicious individual to trigger a system failure...

5CVSS5.5AI score0.19692EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/07/06 12:0 a.m.5 views

Vulnerability of Microsoft Lync Server software, allowing a remote attacker to compromise protected information

A vulnerability that allows access to confidential information exists in Lync Server. This vulnerability is related to the improper processing e.g., filtering of specially crafted content. If exploited successfully, a malicious individual can execute scripts in the user’s browser and gain access ...

4.3CVSS5.5AI score0.5109EPSS
Exploits0References3Affected Software1
Symantec
Symantec
added 2015/11/10 12:0 a.m.22 views

Microsoft Skype for Business and Lync Server CVE-2015-6061 Security Bypass Vulnerability

Description Microsoft Skype for Business and Lync Server are prone to a security-bypass vulnerability. An attacker can leverage this issue to bypass certain security restrictions and perform unauthorized actions. Technologies Affected Microsoft Lync 2010 32-bit Microsoft Lync 2010 64-bit Microsof...

4.3CVSS0.4AI score0.12811EPSS
Exploits0Affected Software4
BDU FSTEC
BDU FSTEC
added 2015/09/23 12:0 a.m.5 views

The vulnerability of Microsoft Lync Server’s messaging server allows a hacker to inject arbitrary web or HTML code.

The vulnerability of Microsoft Lync Server’s messaging server exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to inject arbitrary web or HTML code through a specially crafted URL...

4.3CVSS5.7AI score0.10889EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2015/09/23 12:0 a.m.5 views

The vulnerability of Skype for Business Server and Microsoft Lync Server allows a hacker to inject arbitrary web or HTML code.

The vulnerabilities of Skype for Business Server and Microsoft Lync Server exist due to the lack of measures taken to protect the website structure. Exploiting these vulnerabilities allows a malicious actor to inject arbitrary web or HTML code through a specially crafted URL...

4.3CVSS5.7AI score0.08863EPSS
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2015/09/23 12:0 a.m.6 views

The vulnerabilities of Microsoft Lync Server and Skype for Business Server allow attackers to inject arbitrary web or HTML code.

The vulnerability of the jQuery server messaging components in Microsoft Lync Server and Skype for Business Server exists due to the lack of protective measures for the website structure. Exploiting this vulnerability allows a malicious actor to inject arbitrary web or HTML code through a special...

4.3CVSS5.7AI score0.10889EPSS
Exploits0References2Affected Software2
securityvulns
securityvulns
added 2015/09/15 12:0 a.m.36 views

Microsoft Lync Server / Skype for Business crossite scripting

Multiple crossite scripting possibilities...

4.3CVSS1.5AI score0.10889EPSS
Exploits0Affected Software2
Rows per page
Query Builder