125 matches found
Description of the security update for Skype for Business Lync Server 2013: April 12, 2022 (KB5012681)
Description of the security update for Skype for Business Lync Server 2013: April 12, 2022 KB5012681 Summary This security update resolves an information disclosure vulnerability in Microsoft Lync Server. To learn more about these vulnerabilities, see Microsoft Common Vulnerabilities and Exposure...
Microsoft Skype for Business Server 安全漏洞
Microsoft Skype for Business Server is a secure, unified communications platform from Microsoft that provides instant messaging IM, audio and video calling, online conferencing, online status messages, and sharing capabilities. A security vulnerability exists in Skype for Business and Microsoft...
Microsoft Skype for Business Server 命令注入漏洞
Microsoft Skype for Business Server is a secure, unified communications platform from Microsoft that provides instant messaging IM, audio and video calling, online conferencing, online status messages, and sharing capabilities. A command injection vulnerability exists in Skype for Business and...
Microsoft Teams help & learning
None None...
Microsoft Lync Server Information Leakage Vulnerability
Microsoft Lync Server formerly known as Microsoft Office Communicator is a set of enterprise integrated communication platform from Microsoft. The platform is able to integrate different communication methods into one platform across PCs, Web, cell phones, and other mobile devices. An information...
Microsoft Teams help & learning
None None...
Microsoft Skype for Business and Lync Server CVE-2019-1029 Denial of Service Vulnerability
Description Microsoft Skype for Business and Lync Server are prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause the target service to stop responding, denying service to legitimate users. Technologies Affected Microsoft Lync Server 2010 Microsoft Lync...
Microsoft Teams help & learning
None None...
Should You Send Your Pen Test Report to the MSRC?
Every day, the Microsoft Security Response Center MSRC receives vulnerability reports from security researchers, technology/industry partners, and customers. We want those reports, because they help us make our products and services more secure. High-quality reports that include proof of concept,...
Microsoft Lync Server/Skype for Business Server Cross-Site Scripting Vulnerability
Microsoft Lync is the next generation of integrated enterprise communication platform. A cross-site scripting vulnerability exists in Microsoft Lync Server 2013 and Skype for Business Server 2015, which can be exploited by remote attackers to inject arbitrary web script or HTML via a constructed...
Microsoft Lync Server Cross-Site Scripting Vulnerability (CNVD-2015-05941)
Microsoft Lync is the next generation of integrated enterprise communication platform. A cross-site scripting vulnerability exists in Microsoft Lync Server 2013, which can be exploited by remote attackers to inject arbitrary web script or HTML via a constructed URL...
Cross site scripting
Cross-site scripting XSS vulnerability in Microsoft Lync Server 2013 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "Lync Server XSS Information Disclosure Vulnerability."...
CVE-2015-2532
Microsoft Lync Server 2013 contains a cross-site scripting vulnerability (CVE-2015-2532) triggered by a crafted URL, due to improper sanitization (jQuery-based context cited). It permits remote attackers to run arbitrary web script in a user’s browser, as described in the CVE record and corrobora...
CVE-2014-4071
The Server in Microsoft Lync Server 2013 allows remote attackers to cause a denial of service NULL pointer dereference and daemon hang via a crafted request, aka "Lync Denial of Service Vulnerability."...
Cross site scripting
Cross-site scripting XSS vulnerability in the Web Components Server in Microsoft Lync Server 2013 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "Lync XSS Information Disclosure Vulnerability."...
Denial of service
The Response Group Service in Microsoft Lync Server 2010 and 2013 and the Core Components in Lync Server 2013 do not properly handle exceptions, which allows remote attackers to cause a denial of service daemon hang via a crafted call, aka "Lync Denial of Service Vulnerability."...
CVE-2014-4071
The Server in Microsoft Lync Server 2013 allows remote attackers to cause a denial of service NULL pointer dereference and daemon hang via a crafted request, aka "Lync Denial of Service Vulnerability."...
CVE-2014-4070
CVE-2014-4070 is an XSS vulnerability affecting Microsoft Lync Server 2013 (Web Components Server). The issue allows remote attackers to inject arbitrary web script or HTML via a crafted URL, stemming from insufficient input sanitization. Multiple connected sources corroborate this, listing Lync ...
CVE-2014-1823
CVE-2014-1823 is an XSS vulnerability affecting Microsoft Lync Server 2010 and 2013, specifically in the Web Components Server. A crafted URL containing a valid meeting ID can be used to inject arbitrary web script or HTML remotely. Multiple connected advisories corroborate the issue as an inform...
Code injection
Microsoft Communicator 2007 R2, Lync 2010, Lync 2010 Attendee, and Lync Server 2013 do not properly handle objects in memory, which allows remote attackers to execute arbitrary code via an invitation that triggers access to a deleted object, aka "Lync RCE Vulnerability."...