This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Microsoft First view 2015-09-08
Product Skype For Business Server Last view 2019-04-08
Version 2015 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:microsoft:skype_for_business_server

Activity : Overall

Related : CVE

  Date Alert Description
6.1 2019-04-08 CVE-2019-0798

A spoofing vulnerability exists when a Lync Server or Skype for Business Server does not properly sanitize a specially crafted request, aka 'Skype for Business and Lync Spoofing Vulnerability'.

4.3 2015-09-08 CVE-2015-2536

Cross-site scripting (XSS) vulnerability in Microsoft Lync Server 2013 and Skype for Business Server 2015 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "Skype for Business Server and Lync Server XSS Elevation of Privilege Vulnerability."

4.3 2015-09-08 CVE-2015-2531

Cross-site scripting (XSS) vulnerability in the jQuery engine in Microsoft Lync Server 2013 and Skype for Business Server 2015 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "Skype for Business Server and Lync Server XSS Information Disclosure Vulnerability."

CWE : Common Weakness Enumeration

%idName
100% (3) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')

Information Assurance Vulnerability Management (IAVM)

id Description
2015-B-0113 Multiple Vulnerabilities in Skype for Business and Microsoft Lync Server (MS1...
Severity: Category I - VMSKEY: V0061375

Nessus® Vulnerability Scanner

id Description
2015-09-09 Name: The remote host is affected by multiple vulnerabilities.
File: smb_nt_ms15-104.nasl - Type: ACT_GATHER_INFO