Outlook Web Access (OWA) in Microsoft Exchange 5.5 Server, when used with Internet Explorer, does not properly detect certain inline script, which can allow remote attackers to perform arbitrary actions on a user's Exchange mailbox via an HTML e-mail message.
Score CVSS v2.0
7.5
/ 10.0
HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Informations
- Publié
- 6 déc. 2001
- Mis à jour
- 16 avr. 2026
- Statut
- Modified
- Source
- cve@mitre.org
Produits affectés
microsoft exchange server
Versions : 5.5
Faiblesses (CWE)
NVD-CWE-noinfo
Références (8)
- http://www.osvdb.org/5557Broken Link
- http://www.securityfocus.com/bid/3650Third Party AdvisoryVDB Entry
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7663Third Party AdvisoryVDB Entry
- http://www.osvdb.org/5557Broken Link
- http://www.securityfocus.com/bid/3650Third Party AdvisoryVDB Entry
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7663Third Party AdvisoryVDB Entry
Surveillez vos produits
Recevez une alerte automatique à chaque nouvelle CVE affectant vos équipements.