908 matches found
CVE-2015-2431
Microsoft Office 2007 SP3 and 2010 SP2, Live Meeting 2007 Console, Lync 2010, Lync 2010 Attendee, Lync 2013 SP1, and Lync Basic 2013 SP1 allow remote attackers to execute arbitrary code via a crafted Office Graphics Library OGL font, aka "Microsoft Office Graphics Component Remote Code Execution...
CVE-2015-2463
CVE-2015-2463/2464 describe a TrueType font parsing vulnerability affecting multiple Windows variants (Vista SP2, 7 SP1, 8/8.1, Server 2008/2012, RT, Office 2007/2010, Silverlight, .NET Framework). The issue allows remote code execution via a crafted TrueType font, caused by a parsing flaw in the...
Smart Traffic Sniffing: NetRipper
Smart Traffic Sniffing NetRipper is a post exploitation tool targeting Windows systems which uses API hooking in order to intercept network traffic and encryption related functions from a low privileged user, being able to capture both plain-text traffic and encrypted traffic before...
Microsoft Lync Attendee Remote Code Execution Vulnerabilities (3078662)
This host is missing a critical security update according to Microsoft Bulletin MS15-080. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Microsoft Lync Remote Code Execution Vulnerabilities (3078662)
This host is missing a critical security update according to Microsoft Bulletin MS15-080. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Microsoft issues Security Patches for Windows 10 and Edge Browser
Updated your PCs to Windows 10? Now it’s time to patch your Windows 10 software. Microsoft has issued its monthly Patch Tuesday by releasing 14 security bulletins, nearly half of it address vulnerabilities in its latest operating system, Windows 10. Four of them are marked critical, affecting...
Microsoft Windows TrueType Fonts CVE-2015-2456 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits allow attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected Microsoft .NET...
Microsoft Windows TrueType Fonts CVE-2015-2435 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits allow attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected Microsoft Live...
Microsoft Windows TrueType Fonts CVE-2015-2464 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits allow attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected Microsoft .NET...
Microsoft Windows TrueType Fonts CVE-2015-2455 Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits allow attackers to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will result in a denial-of-service condition. Technologies Affected Microsoft .NET...
Microsoft Lync Attendee Remote Code Execution Vulnerability (3057110)
This host is missing a critical security update according to Microsoft Bulletin MS15-044. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Microsoft Lync Remote Code Execution Vulnerability (3057110)
This host is missing a critical security update according to Microsoft Bulletin MS15-044. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
CVE-2015-1671
The Windows DirectWrite library, as used in Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2; Office 2007 SP3 and 2010 SP2; Live Meeting 2007 Console; Lync 2010; Lync 2010 Attendee; Lync 2013 SP1; Lync Basic 2013 SP1; Silverlight 5 before 5.1.40416.00; and Silverlight 5...
CVE-2015-1671
Summary: CVE-2015-1671 covers a remote code execution vulnerability in the Windows DirectWrite font parsing path used by multiple Microsoft products (Windows fonts stack, .NET Framework components, Office Lync/Live Meeting, Silverlight). The issue arises from handling of crafted TrueType fonts, e...
Microsoft Lync multiple security vulnerabilities
Information disclosure, DoS...
CVE-2014-4071
The Server in Microsoft Lync Server 2013 allows remote attackers to cause a denial of service NULL pointer dereference and daemon hang via a crafted request, aka "Lync Denial of Service Vulnerability."...
CVE-2014-4068
The Response Group Service in Microsoft Lync Server 2010 and 2013 and the Core Components in Lync Server 2013 do not properly handle exceptions, which allows remote attackers to cause a denial of service daemon hang via a crafted call, aka "Lync Denial of Service Vulnerability."...
CVE-2014-4070
Cross-site scripting XSS vulnerability in the Web Components Server in Microsoft Lync Server 2013 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "Lync XSS Information Disclosure Vulnerability."...
Null pointer dereference
The Server in Microsoft Lync Server 2013 allows remote attackers to cause a denial of service NULL pointer dereference and daemon hang via a crafted request, aka "Lync Denial of Service Vulnerability."...
Denial of service
The Response Group Service in Microsoft Lync Server 2010 and 2013 and the Core Components in Lync Server 2013 do not properly handle exceptions, which allows remote attackers to cause a denial of service daemon hang via a crafted call, aka "Lync Denial of Service Vulnerability."...