4 matches found
CVE-2015-1764
CVE-2015-1764 describes a Server-Side Request Forgery in Microsoft Exchange Server 2013 SP1 with CU8, where Exchange web applications fail to enforce Same Origin Policy, allowing remote attackers to send HTTP requests to intranet hosts. Affected: Microsoft Exchange Server 2013 SP1 and CU8. Impact...
Microsoft Exchange Server Privilege Escalation Vulnerability (3062157)
This host is missing an important security update according to Microsoft Bulletin MS15-064. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE...
Microsoft Exchange Server CVE-2015-1764 Same Origin Policy Security Bypass Vulnerability
Description Microsoft Exchange Server is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass the same-origin policy, obtain sensitive information and perform unauthorized actions. This could be used to steal sensitive information or launch other attacks...
KLA10598 Multiple vulnerabilities in Microsoft Exchange Server
Multiple serious vulnerabilities have been found in Microsoft Exchange Server. Malicious users can exploit these vulnerabilities to gain privileges or obtain sensitive information. Below is a complete list of vulnerabilities 1. Improper same-origin policy handling can be exploited remotely via a...