(MS13-041) Vulnerability in Lync Could Allow Remote Code Execution (2834695)
Publish Date: 17 Mai 2013
Schweregrad:: Mittel
CVE Kennungen:: CVE-2013-1302
Hinweisdatum: 17 Mai 2013
Beschreibung
This security update patchesvulnerability in Microsoft Lync. The vulnerability could allow remote code execution if an attacker shares maliciously crafted content, such as a file or program, as a presentation in Lync or Communicator and then convinces a user to accept an invitation to view or share the presentable content. In all cases, an attacker would have no way to force users to view or share the attacker-controlled file or program. Instead, an attacker would have to convince users to take action, typically by getting them to accept an invitation in Lync or Communicator to view or share the presentable content.
Lösungen
Betroffene Software und Version:
- Microsoft Communicator 2007 R2
- Microsoft Lync 2010 (32-bit)
- Microsoft Lync 2010 (64-bit)
- Microsoft Lync 2010 Attendee
- Microsoft Lync Server 2013