Kaspersky Threats

Solutions for:

Kaspersky ID:

KLA10657

Detect Date:

09/08/2015

Updated:

06/03/2020

Description

Improper content sanitization at jQuery engine and other vectors were found in Lync Server and Skype for Business Server. By exploiting these vulnerabilities malicious users can gain privileges or obtain sensitive information. These vulnerabilities can be exploited remotely via a specially designed web content. Clients connected to affected servers are also affected.

Original advisories

CVE list

CVE-2015-2536
warning
CVE-2015-2531
warning
CVE-2015-2532
warning

KB list

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com

Found an inaccuracy in the description of this vulnerability? Let us know!

Kaspersky ID:

KLA10657

Detect Date:

09/08/2015

Updated:

06/03/2020

Severity

warning

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Impacts

OSI

Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.

Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.

Affected products

Lync Server 2013
Skype for Business Server 2015

Kaspersky Next

Let’s go Next: redefine your business’s cybersecurity

Learn more

New Kaspersky!

Your digital life deserves complete protection!

Learn more

Confirm changes?

Your message has been sent successfully.

Multiple vulnerabilities in Microsoft communication services

Description

Original advisories

Related products

CVE list

KB list

Read more