Improper input validation in Microsoft Live_meeting
CVE-2015-2435
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Office 2007 SP3 and 2010 SP2, Live Meeting 2007 Console, Lync 201…
Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)
EPSS: 0.302 (96.8th percentile) — read the EPSS interpretation.
Affected products
- Microsoft Live_meeting — versions 2007
- Microsoft Lync — versions 2010, 2013
- Microsoft Lync_basic — versions 2013
- Microsoft .Net_framework — versions 3.0, 4.0, 4.5
- Microsoft Office — versions 2007, 2010
- Microsoft Silverlight
- Microsoft Windows_10
- Microsoft Windows_7
- Microsoft Windows_8
- Microsoft Windows_8.1
Weakness classification (CWE)
References
- MS15-080 (x_refsource_MS, vendor-advisory, Patch, Vendor Advisory)
- 1033238 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_SECTRACK)
- secure@microsoft.com (VDB Entry, Third Party Advisory, x_refsource_MISC)
- 76238 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_BID)