cnvd-2019-14441
Vulnerability from cnvd
Title
Microsoft Skype for Business and Lync拒绝服务漏洞
Description
Microsoft Office 是一款办公软件套件产品。Skype for Business是其中的一个企业整合沟通平台。 Microsoft Skype for Business and Lync存在拒绝服务漏洞。攻击者可利用此漏洞导致目标服务停止响应,拒绝向合法用户提供服务。
Severity
Patch Name
Microsoft Skype for Business and Lync拒绝服务漏洞的补丁
Patch Description
Microsoft Office 是一款办公软件套件产品。Skype for Business是其中的一个企业整合沟通平台。 Microsoft Skype for Business and Lync存在拒绝服务漏洞。攻击者可利用此漏洞导致目标服务停止响应,拒绝向合法用户提供服务。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description

目前厂商已发布升级补丁以修复漏洞,补丁获取链接: https://portal.msrc.microsoft.com/zh-CN/security-guidance/advisory/CVE-2018-8546

Reference
https://www.securityfocus.com/bid/105802 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8546
Impacted products
Name
['Microsoft Skype for Business 2016', 'Microsoft Skype for Business Basic 2016']
Show details on source website

To clipboard 

{
  "bids": {
    "bid": {
      "bidNumber": "105802"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2018-8546"
    }
  },
  "description": "Microsoft Office \u662f\u4e00\u6b3e\u529e\u516c\u8f6f\u4ef6\u5957\u4ef6\u4ea7\u54c1\u3002Skype for Business\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u4f01\u4e1a\u6574\u5408\u6c9f\u901a\u5e73\u53f0\u3002\n\nMicrosoft Skype for Business and Lync\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u6b64\u6f0f\u6d1e\u5bfc\u81f4\u76ee\u6807\u670d\u52a1\u505c\u6b62\u54cd\u5e94\uff0c\u62d2\u7edd\u5411\u5408\u6cd5\u7528\u6237\u63d0\u4f9b\u670d\u52a1\u3002",
  "discovererName": "Sabine Degen of SEC Consult Vulnerability Lab",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5:\r\nhttps://portal.msrc.microsoft.com/zh-CN/security-guidance/advisory/CVE-2018-8546",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2019-14441",
  "openTime": "2019-05-16",
  "patchDescription": "Microsoft Office \u662f\u4e00\u6b3e\u529e\u516c\u8f6f\u4ef6\u5957\u4ef6\u4ea7\u54c1\u3002Skype for Business\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u4f01\u4e1a\u6574\u5408\u6c9f\u901a\u5e73\u53f0\u3002\r\n\r\nMicrosoft Skype for Business and Lync\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u6b64\u6f0f\u6d1e\u5bfc\u81f4\u76ee\u6807\u670d\u52a1\u505c\u6b62\u54cd\u5e94\uff0c\u62d2\u7edd\u5411\u5408\u6cd5\u7528\u6237\u63d0\u4f9b\u670d\u52a1\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Microsoft Skype for Business and Lync\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Microsoft Skype for Business 2016",
      "Microsoft Skype for Business Basic 2016"
    ]
  },
  "referenceLink": "https://www.securityfocus.com/bid/105802\r\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8546",
  "serverity": "\u4e2d",
  "submitTime": "2018-11-16",
  "title": "Microsoft Skype for Business and Lync\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.