Lucene search

[email protected]CVE-2004-0203

HistoryNov 23, 2004 - 5:00 a.m.

CVE-2004-0203

2004-11-2305:00:00

CWE-79

[email protected]

web.nvd.nist.gov

security

cross-site scripting

xss

outlook web access

exchange server 5.5

nvd

cve-2004-0203

5.9 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.962 High

EPSS

Percentile

99.5%

JSON

Cross-site scripting (XSS) vulnerability in Outlook Web Access for Exchange Server 5.5 Service Pack 4 allows remote attackers to insert arbitrary script and spoof content in HTML email or web caches via an HTML redirect query.

CPENameOperatorVersion
microsoft:exchange_servermicrosoft exchange servereq5.5

CPE	Name	Operator	Version
microsoft:exchange_server	microsoft exchange server	eq	5.5

References

www.kb.cert.org/vuls/id/948750

docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-026

exchange.xforce.ibmcloud.com/vulnerabilities/16583

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2016

5.9 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.962 High

EPSS

Percentile

99.5%

JSON

Related for CVE-2004-0203

openvas2 securityvulns1 cvelist1 cert1 checkpoint_advisories1 nessus1