9.3

CVE-2009-0098

EPSS 62.51%
Veröffentlicht 10.02.2009 22:30:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle secure@microsoft.com
CVE-Watchlists
Login
Unerledigt
Login

Microsoft Exchange 2000 Server SP3, Exchange Server 2003 SP2, and Exchange Server 2007 SP1 do not properly interpret Transport Neutral Encapsulation (TNEF) properties, which allows remote attackers to execute arbitrary code via a crafted TNEF message, aka "Memory Corruption Vulnerability."

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 8

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Microsoft ≫ Exchange Server Version2000 Updatesp3

Microsoft ≫ Exchange Server Version2003 Updatesp2

Microsoft ≫ Exchange Server Version2007 Updatesp1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	62.51%	0.983

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.3	8.6	10	AV:N/AC:M/Au:N/C:C/I:C/A:C

http://www.us-cert.gov/cas/techalerts/TA09-041A.html

US Government Resource

http://osvdb.org/51837

http://secunia.com/advisories/33838

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-003

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6114

https://nvd.nist.gov/vuln/detail/CVE-2009-0098

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2009-0098

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2009-0098

EUVD