KLA10657
Multiple vulnerabilities in Microsoft communication services

Обновлено: 03/06/2020
Дата обнаружения
08/09/2015
Уровень угрозы
Warning
Описание

Improper content sanitization at jQuery engine and other vectors were found in Lync Server and Skype for Business Server. By exploiting these vulnerabilities malicious users can gain privileges or obtain sensitive information. These vulnerabilities can be exploited remotely via a specially designed web content. Clients connected to affected servers are also affected.

Пораженные продукты

Lync Server 2013
Skype for Business Server 2015

Решение

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Первичный источник обнаружения
CVE-2015-2536
CVE-2015-2531
CVE-2015-2532
Оказываемое влияние
?
OSI 
[?]

PE 
[?]
Связанные продукты
Microsoft Lync Server
CVE-IDS
CVE-2015-25364.3Warning
CVE-2015-25314.3Warning
CVE-2015-25324.3Warning