Remote Code Execution Vulnerability in TrueType fonts in Microsoft LyncDeprecated |
ID: oval:org.secpod.oval:def:6055 | Date: (C)2012-06-19 (M)2023-12-14 |
Class: VULNERABILITY | Family: windows |
The host is installed with Microsoft Lync 2010 or Lync 2010 Attendee and is prone to remote code execution vulnerability. A flaw is present in applications, which fail to handle shared content that contains specially crafted TrueType fonts. Successful exploitation allows remote attackers to install programs or view or change or delete data or create new accounts with full user rights.
Platform: |
Microsoft Windows 7 |
Microsoft Windows Server 2003 |
Microsoft Windows Server 2008 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows Vista |
Microsoft Windows XP |
Product: |
Microsoft Lync 2010 |
Microsoft Lync 2010 Attendee |