Improper input validation in Microsoft Lync_server
CVE-2014-4068
The Response Group Service in Microsoft Lync Server 2010 and 2013 and the Core Components in Lync Server 2013 do not properly handle exceptions, which allows remote attackers to cause a denial of service (daemon hang) via a crafted call, a…
Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)
EPSS: 0.311 (96.9th percentile) — read the EPSS interpretation.
Affected products
- Microsoft Lync_server — versions 2010, 2013
- N/a — versions n/a
Weakness classification (CWE)
References
- ms-lync-cve20144068-dos(95544) (vdb-entry, x_refsource_XF)
- 1030821 (vdb-entry, x_refsource_SECTRACK)
- 69586 (vdb-entry, x_refsource_BID)
- secure@microsoft.com (x_refsource_CONFIRM)
- MS14-055 (x_refsource_MS, vendor-advisory)