CVE-2014-4068

Microsoft Lync Server 2010 and 2013 - Denial of Service via Crafted Call

Title source: llm
STIX 2.1

Description

The Response Group Service in Microsoft Lync Server 2010 and 2013 and the Core Components in Lync Server 2013 do not properly handle exceptions, which allows remote attackers to cause a denial of service (daemon hang) via a crafted call, aka "Lync Denial of Service Vulnerability."

References (5)

Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/95544
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1030821
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/69586

Scores

EPSS 0.1969
EPSS Percentile 97.1%

Details

CWE
CWE-20
Status published
Products (2)
microsoft/lync_server 2010
microsoft/lync_server 2013
Published Sep 10, 2014
Tracked Since Feb 18, 2026