4 matches found
CVE-2017-0110
CVE-2017-0110 is a Microsoft Exchange Server vulnerability affecting Outlook Web Access (OWA). The flaw is a Cross-Site Scripting (XSS)/script content injection vulnerability that occurs when Exchange OWA fails to properly handle web requests, allowing an attacker to inject arbitrary script or HT...
MS17-015: Security Update for Microsoft Exchange Server (4013242)
The remote Microsoft Exchange Server is missing a security update. It is, therefore, affected by an elevation of privilege vulnerability in Outlook Web Access OWA due to improper handling of web requests. An unauthenticated, remote attacker can exploit this issue, via a specially crafted email...
Microsoft Exchange Server Remote Privilege Escalation Vulnerability (4013242)
This host is missing an important security update according to Microsoft Bulletin MS17-015. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE...
KLA10982 PE vulnerability in Microsoft Server Software
An improper handling of web requests was found in Microsoft Outlook Web Access. By exploiting this vulnerability malicious users can gain privileges. A successful exploit allows attackers to perform content/script injection attacks, make user disclose sensitive information. This vulnerability can...