3 matches found
Microsoft Exchange Server Outlook Web Access Script Injection (MS06-029; CVE-2006-1193)
Microsoft provides server and client side implementations of email protocols such as SMTP, POP3 and IMAP. The widely used Exchange Server product is an implementation of an email server capable of handling most standard Internet protocols as well as numerous proprietary Microsoft protocols and...
CVE-2006-1193
CVE-2006-1193 describes a script-injection (XSS) vulnerability in Microsoft Exchange Server running Outlook Web Access (OWA) across Exchange 2000 SP1–SP3. The issue arises from improper sanitization of e-mail content read via OWA, allowing a remote attacker to inject and execute HTML/script in th...
Microsoft Outlook Web Access for Exchange Server script injection vulnerability
Overview A script injection vulnerability exists in Microsoft Exchange Server running Outlook Web Access. Description Microsoft Outlook Web Access OWA is a service of Exchange Server. OWA allows authorized users to read and send email, manage their calendar, and perform other functions on an...