Lucene search
K

908 matches found

NVD
NVD
added 2019/04/09 3:29 a.m.31 views

CVE-2019-0798

A spoofing vulnerability exists when a Lync Server or Skype for Business Server does not properly sanitize a specially crafted request, aka 'Skype for Business and Lync Spoofing Vulnerability'...

6.1CVSS6.2AI score0.02084EPSS
Exploits0References1
OSV
OSV
added 2019/04/09 3:29 a.m.4 views

CVE-2019-0798

A spoofing vulnerability exists when a Lync Server or Skype for Business Server does not properly sanitize a specially crafted request, aka 'Skype for Business and Lync Spoofing Vulnerability'...

6.1CVSS6.6AI score0.02084EPSS
Exploits0References1
Prion
Prion
added 2019/04/09 3:29 a.m.27 views

Spoofing

A spoofing vulnerability exists when a Lync Server or Skype for Business Server does not properly sanitize a specially crafted request, aka 'Skype for Business and Lync Spoofing Vulnerability'...

4.3CVSS6.2AI score0.02084EPSS
Exploits0References1Affected Software2
CVE
CVE
added 2019/04/09 2:33 a.m.111 views

CVE-2019-0798

CVE-2019-0798 is a spoofing vulnerability in Skype for Business Server and Lync Server where an attacker could exploit a specially crafted request URL to cause cross-site scripting or UI spoofing. The issue is tied to improper sanitization of crafted inputs in affected servers, enabling an authen...

6.1CVSS6.2AI score0.02084EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2019/04/09 2:33 a.m.36 views

CVE-2019-0798

A spoofing vulnerability exists when a Lync Server or Skype for Business Server does not properly sanitize a specially crafted request, aka 'Skype for Business and Lync Spoofing Vulnerability'...

6.3AI score0.02084EPSS
Exploits0References1
Fedora
Fedora
added 2019/04/05 1:56 a.m.42 views

[SECURITY] Fedora 28 Update: pidgin-sipe-1.24.0-3.fc28

A third-party plugin for the Pidgin multi-protocol instant messenger. It implements the extended version of SIP/SIMPLE used by various products: Skype for Business Microsoft Office 365 Microsoft Business Productivity Online Suite BPOS Microsoft Lync Server Microsoft Office Communications Server O...

9.8CVSS1.4AI score0.08156EPSS
Exploits2
BDU FSTEC
BDU FSTEC
added 2019/03/22 12:0 a.m.4 views

The vulnerability of Microsoft Lync Server and Skype for Business Server messaging programs lies in the lack of protective measures for the website structure, allowing attackers to carry out cross-site scripting attacks.

The vulnerability of Microsoft Lync Server and Skype for Business Server’s instant messaging programs is related to the lack of protective measures taken for the website structure. Exploiting this vulnerability allows a malicious actor to carry out a cross-site scripting attack using a specially...

6.4CVSS6.3AI score0.02084EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/03/15 12:0 a.m.136 views

Skype for Business and Lync Spoofing Vulnerability

The Microsoft Skype for Business or Microsoft Lync installation on the remote host is missing a security update. It is, therefore, affected by the following vulnerability : - A spoofing vulnerability exists when a Skype for Business 2015 server does not properly sanitize a specially crafted...

6.1CVSS6.3AI score0.02084EPSS
Exploits0References2
Microsoft KB
Microsoft KB
added 2019/03/12 7:0 a.m.107 views

Microsoft Teams help & learning

None None...

6.1CVSS6.5AI score0.02084EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2019/03/12 7:0 a.m.61 views

Skype for Business and Lync Spoofing Vulnerability

A spoofing vulnerability exists when a Lync Server or Skype for Business Server does not properly sanitize a specially crafted request. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected server. The attacker who successfully exploited...

6.1CVSS1.3AI score0.02084EPSS
Exploits0
Symantec
Symantec
added 2019/03/12 12:0 a.m.65 views

Microsoft Skype for Business and Lync Server CVE-2019-0798 Spoofing Vulnerability

Description Microsoft Skype for Business and Lync Server are prone to a spoofing vulnerability. An attacker can exploit this issue to conduct spoofing attacks, execute arbitrary script code in the context of the affected site. This can allow the attacker to steal cookie-based authentication...

0.1AI score0.02084EPSS
Exploits0Affected Software2
Tenable Nessus
Tenable Nessus
added 2019/01/16 12:0 a.m.119 views

Security Updates for Microsoft Skype for Business and Microsoft Lync (January 2019 OOB)

The Microsoft Skype for Business or Microsoft Lync installation on the remote host is missing a security update. It is, therefore, affected by the following vulnerability : - A spoofing vulnerability exists when a Skype for Business 2015 server does not properly sanitize a specially crafted...

5.4CVSS5.5AI score0.01461EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2019/01/15 8:0 a.m.49 views

Skype for Business and Lync Spoofing Vulnerability

A spoofing vulnerability exists when a Lync Server or Skype for Business Server does not properly sanitize a specially crafted request. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected server. The attacker who successfully exploited...

5.4CVSS1.3AI score0.01461EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2019/01/10 12:0 a.m.7 views

The vulnerability of the Microsoft Lync for Mac instant messaging program, related to message processing errors, allows a hacker to redirect users to malicious websites or automatically download certain types of files from a list of safe file types.

The vulnerability of the Microsoft Lync for Mac instant messaging program exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to redirect users to malicious websites or automatically download certain file types as safe files through a...

7.5CVSS7.2AI score0.38177EPSS
Exploits5References5Affected Software1
Packet Storm
Packet Storm
added 2018/12/05 12:0 a.m.54 views

Microsoft Lync For Mac 2011 Injection

Exploit Title: Microsoft Lync for Mac 2011 Injection Forced Browsing/Download Author: @nyxgeek - TrustedSec Date: 2018-03-20 Vendor Homepage: microsoft.com Software Link: https://www.microsoft.com/en-us/download/details.aspx?id=36517 CVE: CVE-2018-8474 Version: Lync:Mac 2011 14.4.3, likely earlie...

5CVSS7.7AI score0.38177EPSS
Exploits5
exploitpack
exploitpack
added 2018/12/04 12:0 a.m.82 views

Microsoft Lync for Mac 2011 - Injection Forced BrowsingDownload

Microsoft Lync for Mac 2011 - Injection Forced BrowsingDownload Exploit Title: Microsoft Lync for Mac 2011 Injection Forced Browsing/Download Author: @nyxgeek - TrustedSec Date: 2018-03-20 Vendor Homepage: microsoft.com Software Link: https://www.microsoft.com/en-us/download/details.aspx?id=36517...

5CVSS7.9AI score0.38177EPSS
Exploits5
0day.today
0day.today
added 2018/12/04 12:0 a.m.69 views

Microsoft Lync for Mac 2011 - Injection Forced Browsing/Download Exploit

Exploit Title: Microsoft Lync for Mac 2011 Injection Forced Browsing/Download Author: @nyxgeek - TrustedSec Vendor Homepage: microsoft.com Software Link: https://www.microsoft.com/en-us/download/details.aspx?id=36517 CVE: CVE-2018-8474 Version: Lync:Mac 2011 14.4.3, likely earlier versions Tested...

7.5CVSS7.7AI score0.38177EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/12/04 12:0 a.m.84 views

Microsoft Lync for Mac 2011 - Injection Forced Browsing/Download

Exploit Title: Microsoft Lync for Mac 2011 Injection Forced Browsing/Download Author: @nyxgeek - TrustedSec Date: 2018-03-20 Vendor Homepage: microsoft.com Software Link: https://www.microsoft.com/en-us/download/details.aspx?id=36517 CVE: CVE-2018-8474 Version: Lync:Mac 2011 14.4.3, likely earlie...

7.5CVSS7AI score0.38177EPSS
Exploits5
ThreatPost
ThreatPost
added 2018/11/16 9:25 p.m.53 views

Emoji Attack Can Kill Skype for Business Chat

A denial of service DoS vulnerability in the Skype for Business unified communications platform has been uncovered, which can be triggered by sending large numbers of emojis to the instant messaging client. According to the SEC Consult Vulnerability Lab, which discovered the flaw CVE-2018-8546,...

4.3CVSS0.5AI score0.0546EPSS
Exploits1References3
CNVD
CNVD
added 2018/11/16 12:0 a.m.2 views

Microsoft Skype for Business and Lync Denial of Service Vulnerability

Microsoft Office is a suite of office software products.Skype for Business is one of the integrated communication platforms for businesses. A denial of service vulnerability exists in Microsoft Skype for Business and Lync. An attacker could exploit this vulnerability to cause the target service t...

5.9CVSS8.5AI score0.0546EPSS
Exploits1References1
Rows per page
Query Builder