CVE-2018-8311

CVE Database · CVE-2018-8311

CVE-2018-8311

· N/AModified

CVSS v3.1

N/A

EPSS

16.62%

Published

Jul 10, 2018

Modified

Nov 21, 2024

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

A remote code execution vulnerability exists when Skype for Business and Microsoft Lync clients fail to properly sanitize specially crafted content, aka "Remote Code Execution Vulnerability in Skype For Business and Lync." This affects Skype, Microsoft Lync.

Weaknesses (CWE)

CWE-20

Affected Products (2)

microsoft · lyncvulnerable

microsoft · skype_for_businessvulnerable

References (8)

http://www.securityfocus.com/bid/104624

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1041259

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1041260

Third Party AdvisoryVDB Entry

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8311

Vendor Advisory

http://www.securityfocus.com/bid/104624

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1041259

KEV Catalog EPSS Scores Vendors All CVEs