94 matches found
Microsoft Outlook - 'ATTACH_BY_REF_ONLY' File Execution (MS10-045) (Metasploit)
$Id: ms10045outlookrefonly.rb 10389 2010-09-20 04:38:13Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Outlook ATTACH_BY_REF_RESOLVE File Execution
$Id: ms10045outlookrefresolve.rb 9925 2010-07-25 16:04:22Z hdm $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Outlook ATTACH_BY_REF_ONLY File Execution
$Id: ms10045outlookrefonly.rb 9926 2010-07-25 17:31:04Z hdm $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Outlook ATTACH_BY_REF_ONLY File Execution
It has been discovered that certain e-mail message cause Outlook to create Windows shortcut-like attachments or messages within Outlook. Through specially crafted TNEF streams with certain MAPI attachment properties, it is possible to set a path name to files to be executed. When a user double...
Outlook PR_ATTACH_METHOD file execution vulnerability
------------------------------------------------------------------------ Outlook PRATTACHMETHOD file execution vulnerability ------------------------------------------------------------------------ Yorick Koster, October 2009 -----------------------------------------------------------------------...
NuPoint Messenger server transmits authentication credentials in plain text
Overview NuPoint Messenger is a unified communications product that connects to a Microsoft Exchange server. When communicating with the mail server, the NuPoint Messenger server transmits Exchange usernames and passwords in cleartext. Description The NuPoint Messenger server can connect to a...
Exchange Server EMSMDB2 MAPI命令远程拒绝服务漏洞(MS09-003)
BUGTRAQ ID: 33136 CVECAN ID: CVE-2009-0099 Microsoft Exchange Server是一款企业级的邮件服务程序。 Exchange Server的EMSMDB2提供程序没有正确地处理MAPI命令,远程攻击者可通过向使用EMSMDB32提供程序的应用发送特制的MAPI命令来利用此漏洞,导致应用程序停止响应。 这个漏洞也影响Microsoft Exchange System Attendant,因为它也使用EMSMDB32提供程序。Microsoft Exchange System Attendant是Microsoft...
Microsoft Security Bulletin MS09-003 - Critical Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution (959239)
Microsoft Security Bulletin MS09-003 - Critical Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution 959239 Published: February 10, 2009 Version: 1.0 General Information Executive Summary This security update resolves two privately reported vulnerabilities in Microsoft Exchange...
Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution (959239)
This host is missing a critical security update according to Microsoft Bulletin MS09-003. OpenVAS Vulnerability Test $Id: secpodms09-003.nasl 8725 2018-02-08 15:16:38Z cfischer $ Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution 959239 Authors: Chandan S Copyright c 2009...
Command injection
The Electronic Messaging System Microsoft Data Base EMSMDB32 provider in Microsoft Exchange 2000 Server SP3 and Exchange Server 2003 SP2, as used in Exchange System Attendant, allows remote attackers to cause a denial of service application outage via a malformed MAPI command, aka "Literal...
Microsoft Exchange Server EMSMDB32 Literal Processing (MS09-003; CVE-2009-0099)
The Microsoft Exchange Server is an implementation of an email server capable of handling numerous Internet protocol, including the Simple Mail Transfer Protocol SMTP. The EMSMDB32 provider refers to the Exchange Transport provider which implements both a transport and a message store provider fo...
Microsoft Exchange Server EMSMDB2 MAPI Command Remote Denial of Service Vulnerability
Description Microsoft Exchange Server is prone to a remote denial-of-service vulnerability. A successful exploit allows a remote attacker to cause the application to stop responding, denying service to legitimate users. Technologies Affected Avaya Messaging Application Server Avaya Messaging...
Current Versions Release History
Current Versions Release History 5.1c2 30-Jun-06 Valid Core License Keys: issued between 01-Jun-2004 and 31-Oct-2004, or on or after 01-Jun-2005. Admin: Lawful Intercept for Signals is implemented. WSSP: now all string prefixes HTML, JAVASCRIPT, etc. support numeric data. XIMSS: the Signal...
Security update 1970-01-01
...