9.3
CVE-2009-0098
- EPSS 24.92%
- Veröffentlicht 10.02.2009 22:30:00
- Zuletzt bearbeitet 16.06.2026 23:04:15
- Quelle secure@microsoft.com
- CVE-Watchlists
- Unerledigt
Microsoft Exchange 2000 Server SP3, Exchange Server 2003 SP2, and Exchange Server 2007 SP1 do not properly interpret Transport Neutral Encapsulation (TNEF) properties, which allows remote attackers to execute arbitrary code via a crafted TNEF message, aka "Memory Corruption Vulnerability."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Microsoft ≫ Exchange Server Version2000 Updatesp3
Microsoft ≫ Exchange Server Version2003 Updatesp2
Microsoft ≫ Exchange Server Version2007 Updatesp1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 24.92% | 0.976 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.3 | 8.6 | 10 |
AV:N/AC:M/Au:N/C:C/I:C/A:C
|
http://www.us-cert.gov/cas/techalerts/TA09-041A.html
http://osvdb.org/51837
http://secunia.com/advisories/33838
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-003
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6114