Lucene search
K
MicrosoftLync Basic

9 matches found

CVE
CVE
added 2019/07/15 6:56 p.m.274 views

CVE-2019-1084

CVE-2019-1084 affects Microsoft Exchange (display name creation with non-printable characters) leading to information disclosure. Root cause: display names with invalid characters bypass visibility controls and can be added to conversations; impact is partial confidentiality exposure per CVSS dat...

6.5CVSS5.3AI score0.05328EPSS
CVE
CVE
added 2015/08/15 12:0 a.m.134 views

CVE-2015-2464

CVE-2015-2463 and CVE-2015-2464 describe a TrueType font parsing vulnerability that allows remote code execution. Affected products include Windows Vista SP2, Windows Server 2008 SP2/R2 SP1, Windows 7 SP1, Windows 8/8.1, Windows Server 2012 Gold/R2, Windows RT 8.1, Office 2007 SP3 and 2010 SP2, L...

9.3CVSS7.3AI score0.35562EPSS
CVE
CVE
added 2015/08/15 12:0 a.m.107 views

CVE-2015-2463

CVE-2015-2463/2464 describe a TrueType font parsing vulnerability affecting multiple Windows variants (Vista SP2, 7 SP1, 8/8.1, Server 2008/2012, RT, Office 2007/2010, Silverlight, .NET Framework). The issue allows remote code execution via a crafted TrueType font, caused by a parsing flaw in the...

9.3CVSS7.3AI score0.34475EPSS
CVE
CVE
added 2015/08/15 12:0 a.m.105 views

CVE-2015-2435

CVE-2015-2435 is a TrueType font parsing vulnerability impacting Microsoft Windows (multiple editions listed) and related components (e.g., Silverlight, Office) that allows remote code execution via a crafted font. The issue is documented with a CVSS v2 base score of 9.3 (high) and network attack...

9.3CVSS7.4AI score0.2187EPSS
CVE
CVE
added 2015/08/15 12:0 a.m.104 views

CVE-2015-2455

CVE-2015-2455 (TrueType Font Parsing Vulnerability) is a Windows font-processing defect discovered via Project Zero fuzzing of the Windows kernel font stack (win32k.sys and ATMFD.DLL) affecting TrueType fonts and related SFNT tables. The Google Project Zero report outlines that incorrect handling...

9.3CVSS7.3AI score0.37429EPSS
CVE
CVE
added 2015/08/15 12:0 a.m.102 views

CVE-2015-2456

Summary from Project Zero (2016) : Windows kernel font handling (TTF/OTF) contained multiple vulnerabilities discovered via fuzzing (ATMFD.DLL, win32k.sys) with several CVEs (notably CVE-2015-2455 and CVE-2015-2456). Root cause highlighted: the IUP instruction handler in win32k!itrp_IUP failed to...

9.3CVSS7.3AI score0.35562EPSS
CVE
CVE
added 2018/11/14 1:0 a.m.102 views

CVE-2018-8546

CVE-2018-8546 is a denial-of-service vulnerability in Skype for Business (also affecting Lync) caused by improper handling of emojis. An attacker could trigger a DoS by sending a sequence of emojis, causing the target service to stop responding. Microsoft’s MSRC advisory notes the fix addresses e...

5.9CVSS6.1AI score0.0546EPSS
CVE
CVE
added 2013/07/10 1:0 a.m.100 views

CVE-2013-3129

CVE-2013-3129 concerns a TrueType Font (TTF) parsing vulnerability that allows remote code execution. Affected products include Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5; Silverlight 5 prior to 5.1.20513.0; and GDI+, DirectWrite, Journal in various Windows versions (XP through Windows ...

9.3CVSS7.3AI score0.32378EPSS
CVE
CVE
added 2015/08/15 12:0 a.m.98 views

CVE-2015-2431

CVE-2015-2431 is a remote code execution vulnerability in Microsoft Office Graphics Library (OGL) fonts. Affected products include Office 2007 SP3, Office 2010 SP2, Live Meeting 2007 Console, Lync 2010/Attendee, Lync 2013 SP1, and Lync Basic 2013 SP1. The underlying issue is with OGL font handlin...

9.3CVSS8AI score0.29843EPSS