4 matches found
KLA10609 Multiple vulnerabilities in Microsoft Lync Server
Multiple serious vulnerabilities have been found in Microsoft Lync Server. Malicious users can exploit these vulnerabilities to inject arbitrary code or cause denial of service. Below is a complete list of vulnerabilities 1. XSS vulnerability can be exploited remotely via a specially designed URL...
CVE-2014-1823
Cross-site scripting XSS vulnerability in the Web Components Server in Microsoft Lync Server 2010 and 2013 allows remote attackers to inject arbitrary web script or HTML via a crafted URL containing a valid meeting ID, aka "Lync Server Content Sanitization Vulnerability."...
CVE-2014-1823
CVE-2014-1823 is an XSS vulnerability affecting Microsoft Lync Server 2010 and 2013, specifically in the Web Components Server. A crafted URL containing a valid meeting ID can be used to inject arbitrary web script or HTML remotely. Multiple connected advisories corroborate the issue as an inform...
MS14-032: Vulnerability in Microsoft Lync Server Could Allow Information Disclosure (2969258)
The version of Microsoft Lync Server installed on the remote host is affected by an information disclosure vulnerability that can be exploited by tricking a user into clicking a specially crafted URL. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid74424;...