Microsoft Lync Installed

Microsoft Lync previously known as Microsoft Office Communications is installed on the remote host. Microsoft Lync provides communications services such as instant messaging, VoIP, and video conferencing. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid68879;...

Microsoft Lync Server 2010 reachLocale Parameter XSS

According to its self-reported version number, the version of Web Components Server a component of Microsoft Lync 2010 has a cross-site scripting vulnerability. Input passed to the 'reachLocale' parameter of ReachJoin.aspx is not properly sanitized. An attacker could exploit this by tricking a us...

CVE-2013-3129

Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, and 4.5; Silverlight 5 before 5.1.20513.0; win32k.sys in the kernel-mode drivers, and GDI+, DirectWrite, and Journal, in Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows ...

Microsoft Lync Attendee Remote Code Execution Vulnerability (2848295)

This host is missing a critical security update according to Microsoft Bulletin MS13-054. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

MS13-054: Vulnerability in GDI+ Could Allow Remote Code Execution (2848295)

The version of Microsoft's GDI+ subsystem installed on the remote host has an unspecified code execution vulnerability. Specially crafted TrueType font files are not processed properly. A remote, unauthenticated attacker could exploit this vulnerability by getting a user to view content that...

Microsoft Lync Remote Code Execution Vulnerability (2848295)

This host is missing an important security update according to Microsoft Bulletin MS13-054. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Microsoft Windows TrueType Font CVE-2013-3129 Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. Successful exploits will result in the execution of arbitrary code in kernel-mode. Failed attempts will cause a denial-of-service condition. The attacker can also exploit this issue through Microsoft Silverlight,...

PT-2013-4160 · Microsoft · Lync +13

Name of the Vulnerable Software and Affected Versions: Microsoft .NET Framework versions 3.0 SP2 through 4.5 Silverlight version 5 before 5.1.20513.0 Windows XP versions SP2 and SP3 Windows Server 2003 version SP2 Windows Vista version SP2 Windows Server 2008 versions SP2 and R2 SP1 Windows 7...

July 2013 Microsoft Patch Tuesday Security Updates

A critical Windows kernel vulnerability, publicly disclosed in May by a Google security engineer, will be patched tomorrow when Microsoft releases its July Patch Tuesday security updates. Tavis Ormandy, who has controversially disclosed Windows vulnerability details in the past, made a posting to...

Microsoft Lync code execution

Use-after-free vulnerability...

Microsoft Lync 远程代码执行漏洞(CVE-2013-1302)(MS13-041)

BUGTRAQ ID: 59791 CVECAN ID: CVE-2013-1302 Microsoft Lync 新一代企业整合沟通平台（前身为 Communications Server），提供了一种全新的、直观的用户体验，跨越 PC、Web、手机等其他移动设备，将不同的沟通方式集成到一个平台之中。 当 Lync 控件尝试访问内存中已删除对象时，存在一个远程执行代码漏洞。通过诱使目标用户接受邀请,以在 Lync 或 Communicator 会话内启动特制内容，攻击者利用此漏洞可以获得与当前用户相同的用户权限。 0 Microsoft Lync 2010 厂商补丁： Microsof...

CVE-2013-1302

Microsoft Communicator 2007 R2, Lync 2010, Lync 2010 Attendee, and Lync Server 2013 do not properly handle objects in memory, which allows remote attackers to execute arbitrary code via an invitation that triggers access to a deleted object, aka "Lync RCE Vulnerability."...

Code injection

Microsoft Communicator 2007 R2, Lync 2010, Lync 2010 Attendee, and Lync Server 2013 do not properly handle objects in memory, which allows remote attackers to execute arbitrary code via an invitation that triggers access to a deleted object, aka "Lync RCE Vulnerability."...

CVE-2013-1302

Microsoft Communicator 2007 R2, Lync 2010, Lync 2010 Attendee, and Lync Server 2013 do not properly handle objects in memory, which allows remote attackers to execute arbitrary code via an invitation that triggers access to a deleted object, aka "Lync RCE Vulnerability."...

CVE-2013-1302

The CVE-2013-1302 issue affects Microsoft Lync-related clients and servers (Communicator 2007 R2, Lync 2010, Lync 2010 Attendee, Lync Server 2013). It is a use-after-free in which Lync components fail to handle memory objects that have been deleted, enabling remote code execution when a user is i...

Microsoft Lync Server Version Detection

Detects the installed version of Microsoft Lync Server. The script logs in via smb, searches for Microsoft Lync Server in the registry and gets the version from Copyright C 2013 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

MS13-041: Vulnerability in Lync Could Allow Remote Code Execution (2834695)

The version of Microsoft Communicator and/or Lync installed on the remote host is potentially affected by a remote code execution if an attacker shares specially crafted content, such as a file or program, as a presentation in Lync or Communicator. C Tenable Network Security, Inc...

Microsoft Lync Remote Code Execution Vulnerability (2834695)

This host is missing an important security update according to Microsoft Bulletin MS13-041. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Microsoft Lync Server Remote Code Execution Vulnerability (2834695)

This host is missing an important security update according to Microsoft Bulletin MS13-041. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Microsoft Lync Attendee Remote Code Execution Vulnerability (2834695)

This host is missing an important security update according to Microsoft Bulletin MS13-041. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...