Microsoft Communicator 2007 R2, Lync 2010, Lync 2010 Attendee, and Lync Server 2013 do not properly handle objects in memory, which allows remote attackers to execute arbitrary code via an invitation that triggers access to a deleted object, aka "Lync RCE Vulnerability."
References
Link | Resource |
---|---|
http://www.us-cert.gov/ncas/alerts/TA13-134A | Third Party Advisory US Government Resource |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-041 | |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15952 |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: microsoft
Published: 2013-05-15T01:00:00
Updated: 2018-10-12T19:57:01
Reserved: 2013-01-12T00:00:00
Link: CVE-2013-1302
JSON object: View
NVD Information
Status : Modified
Published: 2013-05-15T03:36:33.427
Modified: 2018-10-12T22:04:08.020
Link: CVE-2013-1302
JSON object: View
Redhat Information
No data.
CWE