CVE-2018-8311: Input Validation
First published: Wed Jul 11 2018(Updated: )
A remote code execution vulnerability exists when Skype for Business and Microsoft Lync clients fail to properly sanitize specially crafted content, aka "Remote Code Execution Vulnerability in Skype For Business and Lync." This affects Skype, Microsoft Lync.
Credit: secure@microsoft.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Lync | =sp1 | |
| Microsoft Skype for Business |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2018-8311?
CVE-2018-8311 is a remote code execution vulnerability in Skype for Business and Microsoft Lync.
How does CVE-2018-8311 occur?
CVE-2018-8311 occurs when Skype for Business and Microsoft Lync clients fail to properly sanitize specially crafted content.
What is the severity level of CVE-2018-8311?
The severity level of CVE-2018-8311 is high (8.8).
Which software is affected by CVE-2018-8311?
Skype for Business and Microsoft Lync are affected by CVE-2018-8311.
How can I fix CVE-2018-8311?
To fix CVE-2018-8311, it is recommended to apply the necessary security updates provided by Microsoft.
- collector/nvd-index
- agent/weakness
- agent/severity
- agent/references
- agent/author
- agent/description
- agent/type
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/microsoft
- canonical/microsoft lync
- version/microsoft lync/sp1
- canonical/microsoft skype for business