How to Buy
This script is Copyright (C) 2012-2016 Tenable Network Security, Inc.
Arbitrary code can be executed on the remote host through Microsoft
The remote Windows host is potentially affected by the following
- Multiple code execution vulnerabilities exist in the
handling of specially crafted TrueType font files.
- An insecure library loading vulnerability exists in the
way that Microsoft Lync handles the loading of DLL
- An HTML sanitization vulnerability exists in the way
that HTML is filtered. (CVE-2012-1858)
See also :
Microsoft has released a set of patches for Lync 2010, Lync 2010
Attendee, Lync 2010 Attendant, and Communicator 2007 R2.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 8.1
Public Exploit Available : true
Family: Windows : Microsoft Bulletins
Nessus Plugin ID: 59457 ()
Bugtraq ID: 50462533355383153842
CVE ID: CVE-2011-3402CVE-2012-0159CVE-2012-1849CVE-2012-1858
Upgrade to Nessus Professional today!
Start your free Nessus Cloud trial now!
Begin Free Trial
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.