Vulnerability Details CVE-2014-4068
The Response Group Service in Microsoft Lync Server 2010 and 2013 and the Core Components in Lync Server 2013 do not properly handle exceptions, which allows remote attackers to cause a denial of service (daemon hang) via a crafted call, aka "Lync Denial of Service Vulnerability."
Exploit prediction scoring system (EPSS) score
EPSS Score 0.311
EPSS Ranking 96.5%
CVSS Severity
CVSS v2 Score 5.0
References
- http://blogs.technet.com/b/srd/archive/2014/09/09/assessing-risk-for-the-september-2014-security-updates.aspx
- http://www.securityfocus.com/bid/69586
- http://www.securitytracker.com/id/1030821
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-055
- https://exchange.xforce.ibmcloud.com/vulnerabilities/95544
- http://blogs.technet.com/b/srd/archive/2014/09/09/assessing-risk-for-the-september-2014-security-updates.aspx
- http://www.securityfocus.com/bid/69586
- http://www.securitytracker.com/id/1030821
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-055
- https://exchange.xforce.ibmcloud.com/vulnerabilities/95544
Products affected by CVE-2014-4068
-
cpe:2.3:a:microsoft:lync_server:2010
-
cpe:2.3:a:microsoft:lync_server:2013