Lucene search

[email protected]CVE-2008-2247

HistoryJul 08, 2008 - 11:41 p.m.

CVE-2008-2247

2008-07-0823:41:00

CWE-79

[email protected]

web.nvd.nist.gov

cve-2008-2247

cross-site scripting

xss

outlook web access

owa

exchange server 2003 sp2

remote attackers

6.1 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.964 High

EPSS

Percentile

99.6%

JSON

Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) for Exchange Server 2003 SP2 allows remote attackers to inject arbitrary web script or HTML via unspecified e-mail fields, a different vulnerability than CVE-2008-2248.

CPENameOperatorVersion
microsoft:exchange_servermicrosoft exchange servereq2003
microsoft:exchange_servermicrosoft exchange servereq2007

CPE	Name	Operator	Version
microsoft:exchange_server	microsoft exchange server	eq	2003
microsoft:exchange_server	microsoft exchange server	eq	2007

References

secunia.com/advisories/30964

www.securityfocus.com/bid/30130

www.securitytracker.com/id?1020439

www.us-cert.gov/cas/techalerts/TA08-190A.html

www.vupen.com/english/advisories/2008/2021/references

docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-039

exchange.xforce.ibmcloud.com/vulnerabilities/43328

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5354

6.1 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.964 High

EPSS

Percentile

99.6%

JSON

Related for CVE-2008-2247

securityvulns3 openvas2 nessus2 prion2 cve1 seebug1 checkpoint_advisories2 cert1