This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Microsoft First view 2013-07-09
Product Lync Basic Last view 2013-11-06
Version 2013 Type Application
Update -  
Edition x86  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:microsoft:lync_basic

Activity : Overall

Related : CVE

  Date Alert Description
9.3 2013-11-06 CVE-2013-3906

GDI+ in Microsoft Windows Vista SP2 and Server 2008 SP2; Office 2003 SP3, 2007 SP3, and 2010 SP1 and SP2; Office Compatibility Pack SP3; and Lync 2010, 2010 Attendee, 2013, and Basic 2013 allows remote attackers to execute arbitrary code via a crafted TIFF image, as demonstrated by an image in a Word document, and exploited in the wild in October and November 2013.

9.3 2013-07-09 CVE-2013-3129

Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, and 4.5; Silverlight 5 before 5.1.20513.0; win32k.sys in the kernel-mode drivers, and GDI+, DirectWrite, and Journal, in Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT; GDI+ in Office 2003 SP3, 2007 SP3, and 2010 SP1; GDI+ in Visual Studio .NET 2003 SP1; and GDI+ in Lync 2010, 2010 Attendee, 2013, and Basic 2013 allow remote attackers to execute arbitrary code via a crafted TrueType Font (TTF) file, aka "TrueType Font Parsing Vulnerability."

CWE : Common Weakness Enumeration

%idName
100% (2) CWE-94 Failure to Control Generation of Code ('Code Injection')

ExploitDB Exploits

id Description
30011 Microsoft Tagged Image File Format (TIFF) Integer Overflow

Information Assurance Vulnerability Management (IAVM)

id Description
2013-A-0225 Microsoft GDI Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0042593
2013-A-0135 Microsoft GDI+ Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0039199
2013-B-0071 Multiple Vulnerabilities in Microsoft .NET Framework and Silverlight
Severity: Category II - VMSKEY: V0039211

Snort® IPS/IDS

Date Description
2014-01-10 Microsoft Office GDI library TIFF handling integer overflow attempt
RuleID : 28526 - Type : FILE-OFFICE - Revision : 8
2014-01-10 Microsoft Office GDI library TIFF handling integer overflow attempt
RuleID : 28525 - Type : FILE-OFFICE - Revision : 9
2014-01-10 Microsoft GDI library TIFF handling memory corruption attempt
RuleID : 28488 - Type : OS-WINDOWS - Revision : 3
2014-01-10 Microsoft GDI library TIFF handling memory corruption attempt
RuleID : 28487 - Type : OS-WINDOWS - Revision : 3
2014-01-10 Microsoft Office GDI library TIFF handling integer overflow attempt
RuleID : 28473 - Type : FILE-OFFICE - Revision : 8
2014-01-10 Microsoft Office GDI library TIFF handling integer overflow attempt
RuleID : 28472 - Type : FILE-OFFICE - Revision : 9
2014-01-10 Microsoft Office GDI library TIFF handling integer overflow attempt
RuleID : 28471 - Type : FILE-OFFICE - Revision : 9
2014-01-10 Microsoft Office GDI library TIFF handling integer overflow attempt
RuleID : 28470 - Type : FILE-OFFICE - Revision : 9
2014-01-10 Microsoft Office GDI library TIFF handling integer overflow attempt
RuleID : 28469 - Type : FILE-OFFICE - Revision : 9
2014-01-10 Microsoft Office GDI library TIFF handling integer overflow attempt
RuleID : 28468 - Type : FILE-OFFICE - Revision : 9
2014-01-10 Microsoft Office GDI library TIFF handling integer overflow attempt
RuleID : 28467 - Type : FILE-OFFICE - Revision : 9
2014-01-10 Microsoft Office GDI library TIFF handling integer overflow attempt
RuleID : 28466 - Type : FILE-OFFICE - Revision : 10
2014-01-10 Microsoft Office GDI library TIFF handling integer overflow attempt
RuleID : 28465 - Type : FILE-OFFICE - Revision : 9
2014-01-10 Microsoft Office GDI library TIFF handling integer overflow attempt
RuleID : 28464 - Type : FILE-OFFICE - Revision : 9

Nessus® Vulnerability Scanner

id Description
2013-12-11 Name: The remote Windows host has a remote code execution vulnerability.
File: smb_nt_ms13-096.nasl - Type: ACT_GATHER_INFO
2013-07-10 Name: The .NET Framework install on the remote Windows host could allow arbitrary c...
File: smb_nt_ms13-052.nasl - Type: ACT_GATHER_INFO
2013-07-10 Name: The Windows kernel on the remote host is affected by multiple vulnerabilities.
File: smb_nt_ms13-053.nasl - Type: ACT_GATHER_INFO
2013-07-10 Name: The remote Windows host has a remote code execution vulnerability.
File: smb_nt_ms13-054.nasl - Type: ACT_GATHER_INFO