| CVE Number | Vulnerability | Product | Severity | Date |
|---|---|---|---|---|
| MS12-039 | Vulnerabilities in Lync Could Allow Remote Code Execution (2707956) | Microsoft Communicator | Important | 13-06-2012 |
Technical Information
Brief overview of the risk:
This security update resolves one publicly disclosed vulnerability and three privately reported vulnerabilities in Microsoft Lync. The most severe vulnerabilities could allow remote code execution if a user views shared content that contains specially crafted TrueType fonts.
Detailed Information on the risk:
A remote code execution vulnerability exists in the way that affected components handle shared content that contains specially crafted TrueType fonts. The vulnerability could allow remote code execution if a user views shared content that contains specially crafted TrueType fonts. An attacker who successfully exploited this vulnerability could take complete control of an affected system.
Further information on this exploit is available at : MS12-039
Affected Software
Microsoft Communicator 2007 R2Microsoft Lync 2010 (32-bit)
Microsoft Lync 2010 (64-bit)
Microsoft Lync 2010 Attendee
Microsoft Lync 2010 Attendant (32-bit)
Microsoft Lync 2010 Attendant (64-bit)