Microsoft Exchange Server 授权问题漏洞

Microsoft Exchange Server is the United States Microsoft Microsoft company's set of e-mail service program. It provides email access, storage, forwarding, voice mail, email filtering and screening, and other features. An authorization issue vulnerability exists in Microsoft Exchange Server. The...

Microsoft Exchange Server 代码注入漏洞

Microsoft Exchange Server is the United States Microsoft Microsoft company's set of e-mail service program. It provides email access, storage, forwarding, voicemail, email filtering and screening, and other features. A code injection vulnerability exists in Microsoft Exchange Server. The followin...

Information disclosure

Microsoft Exchange Server 2010 Service Pack 3 Update Rollup 20, Microsoft Exchange Server 2013 Cumulative Update 18, Microsoft Exchange Server 2013 Cumulative Update 19, Microsoft Exchange Server 2013 Service Pack 1, Microsoft Exchange Server 2016 Cumulative Update 7, and Microsoft Exchange Serve...

CVE-2018-0940

Microsoft Exchange Outlook Web Access OWA in Microsoft Exchange Server 2010 Service Pack 3 Update Rollup 20, Microsoft Exchange Server 2013 Cumulative Update 18, Microsoft Exchange Server 2013 Cumulative Update 19, Microsoft Exchange Server 2013 Service Pack 1, Microsoft Exchange Server 2016...

Microsoft Exchange Server CVE-2015-2505 Information Disclosure Vulnerability

Description Microsoft Exchange Server is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Exchange Server 2013 Cumulative Update 8 Microsoft Exchange Server...

CVE-2015-2359

Cross-site scripting XSS vulnerability in the web applications in Microsoft Exchange Server 2013 Cumulative Update 8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Exchange HTML Injection Vulnerability."...

CVE-2015-1771

Cross-site request forgery CSRF vulnerability in the web applications in Microsoft Exchange Server 2013 SP1 and Cumulative Update 8 allows remote attackers to hijack the authentication of arbitrary users, aka "Exchange Cross-Site Request Forgery Vulnerability."...

CVE-2015-1764

CVE-2015-1764 describes a Server-Side Request Forgery in Microsoft Exchange Server 2013 SP1 with CU8, where Exchange web applications fail to enforce Same Origin Policy, allowing remote attackers to send HTTP requests to intranet hosts. Affected: Microsoft Exchange Server 2013 SP1 and CU8. Impact...

CVE-2015-2359

CVE-2015-2359 affects Microsoft Exchange Server 2013, specifically the web applications in Cumulative Update 8. The vulnerability is a Cross-site Scripting/HTML injection issue caused by insufficient sanitization of user-supplied input in Exchange web applications. Potential impact includes execu...

Microsoft Exchange Server CVE-2015-2359 HTML Injection Vulnerability

Description Microsoft Exchange Server is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input. Attacker-supplied HTML and script code would run in the context of the affected browser, potentially allowing the attacker to steal cookie-based...