Описание
A remote code execution vulnerability exists when Skype for Business and Microsoft Lync clients fail to properly sanitize specially crafted content, aka "Remote Code Execution Vulnerability in Skype For Business and Lync." This affects Skype, Microsoft Lync.
Ссылки
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:microsoft:lync:-:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:skype_for_business:-:*:*:*:*:*:*:*
EPSS
Процентиль: 96%
0.23576
Средний
8.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-20
Связанные уязвимости
msrc
около 7 лет назад
Remote Code Execution Vulnerability in Skype For Business and Lync
CVSS3: 8.8
github
больше 3 лет назад
A remote code execution vulnerability exists when Skype for Business and Microsoft Lync clients fail to properly sanitize specially crafted content, aka "Remote Code Execution Vulnerability in Skype For Business and Lync." This affects Skype, Microsoft Lync.
EPSS
Процентиль: 96%
0.23576
Средний
8.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-20