78 matches found
Buffer overflow
An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Exchange ActiveSync" component. It allows remote attackers to erase a device in opportunistic circumstances by hijacking a cleartext AutoDiscover V1 session during the setup of an Exchange accoun...
CVE-2017-7088
An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Exchange ActiveSync" component. It allows remote attackers to erase a device in opportunistic circumstances by hijacking a cleartext AutoDiscover V1 session during the setup of an Exchange accoun...
CVE-2017-7088
The CVE-2017-7088 entry affects iOS prior to 11 in the Exchange ActiveSync (EAS) AutoDiscover V1 workflow. Root cause: a vulnerability allowing an attacker who can observe the AutoDiscover V1 session to hijack a cleartext exchange during Exchange account setup, enabling the attacker to erase the ...
How to collect ActiveSync device logs (EAS logs) from Exchange
...
Apple iOS Exchange ActiveSync Authentication Vulnerability
Apple iOS is an operating system developed by Apple for mobile devices.Exchange ActiveSync is one of the Microsoft Exchange synchronization protocols. A security vulnerability exists in the Exchange ActiveSync component in versions of Apple iOS prior to 11. A remote attacker can exploit this...
Vulnerability Management Market Disruptors
Gartners recent vulnerability management report provides a wealth of insight into vulnerability management VM tools and advice for how to build effective VM programs. Although VM tools and capabilities have changed since the reports last iteration in 2015, interestingly one thing hasnt: Gartners...
XenMobile 10.x : Addition of shared Mailbox in Secure Mail
Question: Does XenMobile 10.x support the addition of a shared Mailbox in Secure Mail For both iOS and Android ? Answer: Currently this is not supported on Secure Mail ActiveSync protocol officially doesn't support shared access/delegation. Hence, Secure Mail both iOS and Android also doesn’t cla...
Microsoft Office OneNote 2007 DLL Hijacking Vulnerability
Exploit for windows platform in category local exploits ------------------------------------------------------------------------ Microsoft Office OneNote 2007 DLL side loading vulnerability ------------------------------------------------------------------------ Yorick Koster, September 2015...
Microsoft Office OneNote 2007 DLL Hijacking
------------------------------------------------------------------------ Microsoft Office OneNote 2007 DLL side loading vulnerability ------------------------------------------------------------------------ Yorick Koster, September 2015...
Draft folder emails in Secure Mail not syncing with MS Exchange
Q: Users create drafts in Secure Mail but these do not get synced with MS Exchange and viewable in Outlook. After repeated attempts to amend and save the draft it will be deleted without being synced. Is this a known issue? A: With regard to the Draft folder syncing, there are limitation regardin...
CVE-2016-2415
exchange/eas/EasAutoDiscover.java in the Autodiscover implementation in Exchange ActiveSync in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 allows attackers to obtain sensitive information via a crafted application that triggers a spoofed response to a GET request, ak...
CVE-2016-2415
exchange/eas/EasAutoDiscover.java in the Autodiscover implementation in Exchange ActiveSync in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 allows attackers to obtain sensitive information via a crafted application that triggers a spoofed response to a GET request, ak...
Design/Logic Flaw
exchange/eas/EasAutoDiscover.java in the Autodiscover implementation in Exchange ActiveSync in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 allows attackers to obtain sensitive information via a crafted application that triggers a spoofed response to a GET request, ak...
CVE-2016-2415
exchange/eas/EasAutoDiscover.java in the Autodiscover implementation in Exchange ActiveSync in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 allows attackers to obtain sensitive information via a crafted application that triggers a spoofed response to a GET request, ak...
CVE-2016-2415
Technical details for CVE-2016-2415 are not publicly provided in the supplied documents. The available records summarize an information-disclosure vulnerability in Exchange ActiveSync/Autodiscover without specifics on affected products, versions, root cause, or fixes. Monitor for updates.
Android Exchange ActiveSync Information Disclosure Vulnerability
Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA for short. Exchange ActiveSync is one of the Microsoft Exchange synchronization protocols. An information disclosure vulnerability exists in Exchange ActiveSync for Android. A loca...
[SECURITY] Fedora 21 Update: zarafa-7.1.14-1.fc21
The Zarafa Collaboration Platform is a Microsoft Exchange replacement. The Open Source Collaboration provides an integration with your existing Linux mail server, native mobile phone support by ActiveSync compatibility and a webaccess with 'Look & Feel' similar to Outlook using Ajax. Including an...
[SECURITY] Fedora 21 Update: zarafa-7.1.12-2.fc21
The Zarafa Collaboration Platform is a Microsoft Exchange replacement. The Open Source Collaboration provides an integration with your existing Linux mail server, native mobile phone support by ActiveSync compatibility and a webaccess with 'Look & Feel' similar to Outlook using Ajax. Including an...
[SECURITY] Fedora 20 Update: zarafa-7.1.12-2.fc20
The Zarafa Collaboration Platform is a Microsoft Exchange replacement. The Open Source Collaboration provides an integration with your existing Linux mail server, native mobile phone support by ActiveSync compatibility and a webaccess with 'Look & Feel' similar to Outlook using Ajax. Including an...
Apple iOS Version and Model Detection via ActiveSync
Binary data 8770.prm...