2 matches found
CVE-2007-0220
CVE-2007-0220 is a cross-site scripting vulnerability in Outlook Web Access (OWA) of Microsoft Exchange Server 2000 SP3 and Exchange Server 2003 SP1/SP2. The issue arises from an incorrectly handled UTF character set label, allowing remote attackers to run scripts, spoof content, or access inform...
Microsoft Exchange Outlook Web Access UTF character set label script injection vulnerability
Overview Microsoft Exchange Outlook Web Access OWA fails to properly handle the UTF character set label, which can allow a remote, unauthenticated attacker to execute script within the security context of the OWA user. Description OWA allows users to access their email accounts on a Microsoft...