Lucene search
K

4 matches found

CVE
CVE
added 2014/12/11 12:0 a.m.56 views

CVE-2014-6336

CVE-2014-6336 affects Microsoft Exchange Server 2013 SP1 and Cumulative Update 6 (Exchange 2013 SP1+CU6) via an improper validation of redirection tokens in Outlook Web App (OWA), enabling remote redirection to arbitrary sites and spoofing email origin. Connected sources confirm the affected prod...

3.5CVSS6.6AI score0.07072EPSS
Exploits0References1Affected Software1
Check Point Advisories
Check Point Advisories
added 2014/12/09 12:0 a.m.3 views

Microsoft Exchange Server Outlook Web Access URL Redirection (MS14-075; CVE-2014-6336)

A spoofing vulnerability exists in Microsoft Exchange Server. The vulnerability is due to an error in Microsoft Exchange when Microsoft Outlook Web Access OWA fails to properly validate redirection tokens. A remote attacker can exploit this issue by enticing a victim to open a specially crafted...

3.5CVSS6.1AI score0.07072EPSS
Exploits0
Kaspersky
Kaspersky
added 2014/12/09 12:0 a.m.59 views

KLA10611 Multiple vulnerabilities in Microsoft Exchange Server

Multiple serious vulnerabilities have been found in Microsoft Exchange Server. Malicious users can exploit these vulnerabilities to gain privileges or spoof user interface. Below is a complete list of vulnerabilities 1. An improper tokens validation can be exploited remotely via an unspecified...

5CVSS6.3AI score0.09699EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2014/12/09 12:0 a.m.116 views

MS14-075: Vulnerabilities in Microsoft Exchange Server Could Allow Elevation of Privilege (3009712)

The version of Microsoft Exchange installed on the remote host is affected by multiple vulnerabilities : - A token spoofing vulnerability exists due to Microsoft Outlook Web App OWA not properly validating request tokens. A remote attacker can exploit this vulnerability by convincing a user to...

5CVSS5.5AI score0.09699EPSS
Exploits0References5
Rows per page
Query Builder