9.3

CVE-2009-0098

EPSS 53.73%
Published 10.02.2009 22:30:00
Last modified 09.04.2025 00:30:58
Source secure@microsoft.com
Teams watchlist Login
Open Login

Microsoft Exchange 2000 Server SP3, Exchange Server 2003 SP2, and Exchange Server 2007 SP1 do not properly interpret Transport Neutral Encapsulation (TNEF) properties, which allows remote attackers to execute arbitrary code via a crafted TNEF message, aka "Memory Corruption Vulnerability."

Affected products Warnungen 0 Metrics 2 CWE 0 References 8

Data is provided by the National Vulnerability Database (NVD)

Microsoft ≫ Exchange Server Version2000 Updatesp3

Microsoft ≫ Exchange Server Version2003 Updatesp2

Microsoft ≫ Exchange Server Version2007 Updatesp1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	53.73%	0.979

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	9.3	8.6	10	AV:N/AC:M/Au:N/C:C/I:C/A:C

http://www.us-cert.gov/cas/techalerts/TA09-041A.html

US Government Resource

http://osvdb.org/51837

http://secunia.com/advisories/33838

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-003

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6114

https://nvd.nist.gov/vuln/detail/CVE-2009-0098

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2009-0098

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2009-0098

EUVD