CVE-2001-0340

HIGH

An interaction between the Outlook Web Access (OWA) service in Microsoft Exchange 2000 Server and Internet Explorer allows attackers to execute malicious script code against a user's mailbox via a message attachment that contains HTML code, which is executed automatically.

CVSS v2.0 Score

7.5

/ 10.0

HIGH

AV:N/AC:L/Au:N/C:P/I:P/A:P

Information

Published: 21 juil. 2001
Updated: 16 avr. 2026
Status: Modified
Source: cve@mitre.org

Affected products

microsoft exchange server

Versions : 5.5, 2000

Weaknesses (CWE)

CWE-434

References (6)

http://www.ciac.org/ciac/bulletins/l-091.shtml
Broken Link
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-030
PatchVendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/6652
Third Party AdvisoryVDB Entry
http://www.ciac.org/ciac/bulletins/l-091.shtml
Broken Link
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-030
PatchVendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/6652
Third Party AdvisoryVDB Entry

Similar CVEs

Other vulnerabilities of type CWE-434

Loading…

Monitor your products

Get automatic alerts for every new CVE affecting your equipment.

Enable monitoring