CVE-2018-8474

CVE Database · CVE-2018-8474

CVE-2018-8474

· N/AModified

CVSS v3.1

N/A

EPSS

38.18%

Published

Sep 12, 2018

Modified

Nov 21, 2024

Public PoC / Exploit (2)

All weaponized →

Exploit-DBMicrosoft Lync for Mac 2011 - Injection Forced Browsing/Download TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

A security feature bypass vulnerability exists when Lync for Mac 2011 fails to properly sanitize specially crafted messages, aka "Lync for Mac 2011 Security Feature Bypass Vulnerability." This affects Microsoft Lync.

Weaknesses (CWE)

CWE-20

Affected Products (1)

microsoft · lync_for_macvulnerable

References (8)

http://www.securityfocus.com/bid/105268

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1041633

Third Party AdvisoryVDB Entry

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8474

Vendor Advisory

https://www.exploit-db.com/exploits/45936/

ExploitThird Party AdvisoryVDB Entry

http://www.securityfocus.com/bid/105268

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1041633

KEV Catalog EPSS Scores Vendors All CVEs