This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Microsoft First view 2015-05-13
Product Lync Last view 2015-11-11
Version 2013 Type Application
Update sp1  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware x64  
Other *  
 
CPE Product cpe:2.3:a:microsoft:lync

Activity : Overall

Related : CVE

  Date Alert Description
4.3 2015-11-11 CVE-2015-6061

Cross-site scripting (XSS) vulnerability in Microsoft Skype for Business 2016, Lync 2010 and 2013 SP1, Lync 2010 Attendee, and Lync Room System allows remote attackers to inject arbitrary web script or HTML via an instant-message session, aka "Server Input Validation Information Disclosure Vulnerability."

9.3 2015-05-13 CVE-2015-1671

The Windows DirectWrite library, as used in Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, and 4.5.2; Office 2007 SP3 and 2010 SP2; Live Meeting 2007 Console; Lync 2010; Lync 2010 Attendee; Lync 2013 SP1; Lync Basic 2013 SP1; Silverlight 5 before 5.1.40416.00; and Silverlight 5 Developer Runtime before 5.1.40416.00, allows remote attackers to execute arbitrary code via a crafted TrueType font, aka "TrueType Font Parsing Vulnerability."

CWE : Common Weakness Enumeration

%idName
50% (1) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')
50% (1) CWE-19 Data Handling

Snort® IPS/IDS

Date Description
2016-03-14 javascript found in SIP headers attempt
RuleID : 36735 - Type : PROTOCOL-VOIP - Revision : 3
2016-03-14 javascript found in SIP headers attempt
RuleID : 36734 - Type : PROTOCOL-VOIP - Revision : 3
2016-03-14 javascript found in SIP headers attempt
RuleID : 36733 - Type : PROTOCOL-VOIP - Revision : 3
2015-06-17 Microsoft Windows Win32k TrueType Font parsing out of bounds attempt
RuleID : 34441 - Type : OS-WINDOWS - Revision : 2
2015-06-17 Microsoft Windows Win32k TrueType Font parsing out of bounds attempt
RuleID : 34440 - Type : OS-WINDOWS - Revision : 2

Nessus® Vulnerability Scanner

id Description
2015-11-11 Name: The remote host is affected by a cross-site scripting vulnerability.
File: smb_nt_ms15-123.nasl - Type: ACT_GATHER_INFO
2015-05-13 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms15-044.nasl - Type: ACT_GATHER_INFO
2015-05-12 Name: A multimedia application framework installed on the remote Mac OS X host is a...
File: macosx_ms15-049.nasl - Type: ACT_GATHER_INFO