CVE-2005-0563

MEDIUM

Cross-site scripting (XSS) vulnerability in Microsoft Outlook Web Access (OWA) component in Exchange Server 5.5 allows remote attackers to inject arbitrary web script or HTML via an email message with an encoded javascript: URL ("jav&#X41sc
ript:") in an IMG tag.

Score CVSS v2.0

4.3

/ 10.0

MEDIUM

AV:N/AC:M/Au:N/C:N/I:P/A:N

Informations

Publié: 14 juin 2005
Mis à jour: 16 avr. 2026
Statut: Modified
Source: secure@microsoft.com

Produits affectés

microsoft exchange server

Versions : 5.5

Faiblesses (CWE)

CWE-79

Références (8)

http://secunia.com/advisories/15697
Third Party Advisory
http://www.idefense.com/application/poi/display?id=261&type=vulnerabilities
PatchThird Party Advisory
http://www.securityfocus.com/bid/13952
Third Party AdvisoryVDB Entry
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-029
PatchVendor Advisory
http://secunia.com/advisories/15697
Third Party Advisory
http://www.idefense.com/application/poi/display?id=261&type=vulnerabilities
PatchThird Party Advisory
http://www.securityfocus.com/bid/13952
Third Party AdvisoryVDB Entry
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-029
PatchVendor Advisory

CVEs similaires

Autres vulnérabilités de type CWE-79

Loading…

Surveillez vos produits

Recevez une alerte automatique à chaque nouvelle CVE affectant vos équipements.

Activer la surveillance