4 matches found
CVE-2014-6336
CVE-2014-6336 affects Microsoft Exchange Server 2013 SP1 and Cumulative Update 6 (Exchange 2013 SP1+CU6) via an improper validation of redirection tokens in Outlook Web App (OWA), enabling remote redirection to arbitrary sites and spoofing email origin. Connected sources confirm the affected prod...
Microsoft Exchange Server Outlook Web Access URL Redirection (MS14-075; CVE-2014-6336)
A spoofing vulnerability exists in Microsoft Exchange Server. The vulnerability is due to an error in Microsoft Exchange when Microsoft Outlook Web Access OWA fails to properly validate redirection tokens. A remote attacker can exploit this issue by enticing a victim to open a specially crafted...
KLA10611 Multiple vulnerabilities in Microsoft Exchange Server
Multiple serious vulnerabilities have been found in Microsoft Exchange Server. Malicious users can exploit these vulnerabilities to gain privileges or spoof user interface. Below is a complete list of vulnerabilities 1. An improper tokens validation can be exploited remotely via an unspecified...
MS14-075: Vulnerabilities in Microsoft Exchange Server Could Allow Elevation of Privilege (3009712)
The version of Microsoft Exchange installed on the remote host is affected by multiple vulnerabilities : - A token spoofing vulnerability exists due to Microsoft Outlook Web App OWA not properly validating request tokens. A remote attacker can exploit this vulnerability by convincing a user to...