CVE-2014-4068
Microsoft Lync Server 2010 and 2013 - Denial of Service via Crafted Call
Title source: llmDescription
The Response Group Service in Microsoft Lync Server 2010 and 2013 and the Core Components in Lync Server 2013 do not properly handle exceptions, which allows remote attackers to cause a denial of service (daemon hang) via a crafted call, aka "Lync Denial of Service Vulnerability."
References (5)
Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/95544
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1030821
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/69586
Various Sources x_refsource_confirm
http://blogs.technet.com/b/srd/archive/2014/09/09/assessing-risk-for-the-september-2014-security-updates.aspx
Vendor Advisory vendor-advisory
x_refsource_ms
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-055
Scores
EPSS
0.1969
EPSS Percentile
97.1%
Details
CWE
CWE-20
Status
published
Products (2)
microsoft/lync_server
2010
microsoft/lync_server
2013
Published
Sep 10, 2014
Tracked Since
Feb 18, 2026