Microsoft

Exchange Server

220 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
3.5

CVE-2012-4791

  • EPSS 36.7%
  • Published 12.12.2012 00:55:01
  • Last modified 11.04.2025 00:51:21

Microsoft Exchange Server 2007 SP3 and 2010 SP1 and SP2 allows remote authenticated users to cause a denial of service (Information Store service hang) by subscribing to a crafted RSS feed, aka "RSS Feed May Cause Exchange DoS Vulnerability."

4

CVE-2010-3937

  • EPSS 38.21%
  • Published 16.12.2010 19:33:02
  • Last modified 11.04.2025 00:51:21

Microsoft Exchange Server 2007 SP2 on the x64 platform allows remote authenticated users to cause a denial of service (infinite loop and MSExchangeIS outage) via a crafted RPC request, aka "Exchange Server Infinite Loop Vulnerability."

4.3

CVE-2010-2091

Exploit
  • EPSS 4.08%
  • Published 27.05.2010 19:30:01
  • Last modified 11.04.2025 00:51:21

Microsoft Outlook Web Access (OWA) 8.2.254.0, when Internet Explorer 7 on Windows Server 2003 is used, does not properly handle the id parameter in a Folder IPF.Note action to the default URI, which might allow remote attackers to obtain sensitive in...

6.4

CVE-2010-1689

  • EPSS 25.77%
  • Published 07.05.2010 18:30:01
  • Last modified 11.04.2025 00:51:21

The DNS implementation in smtpsvc.dll before 6.0.2600.5949 in Microsoft Windows 2000 SP4 and earlier, Windows XP SP3 and earlier, Windows Server 2003 SP2 and earlier, Windows Server 2008 SP2 and earlier, Windows Server 2008 R2, Exchange Server 2003 S...

6.4

CVE-2010-1690

  • EPSS 20.69%
  • Published 07.05.2010 18:30:01
  • Last modified 11.04.2025 00:51:21

The DNS implementation in smtpsvc.dll before 6.0.2600.5949 in Microsoft Windows 2000 SP4 and earlier, Windows XP SP3 and earlier, Windows Server 2003 SP2 and earlier, Windows Server 2008 SP2 and earlier, Windows Server 2008 R2, Exchange Server 2003 S...

5

CVE-2010-0024

  • EPSS 40.22%
  • Published 14.04.2010 16:00:00
  • Last modified 11.04.2025 00:51:21

The SMTP component in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, and Server 2008 Gold, SP2, and R2, and Exchange Server 2003 SP2, does not properly parse MX records, which allows remote DNS servers to cause a denial of service (serv...

5

CVE-2010-0025

  • EPSS 59.4%
  • Published 14.04.2010 16:00:00
  • Last modified 11.04.2025 00:51:21

The SMTP component in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, and Server 2008 Gold, SP2, and R2, and Exchange Server 2000 SP3, does not properly allocate memory for SMTP command replies, which allows remote attackers to read frag...

9.3

CVE-2009-0098

  • EPSS 53.73%
  • Published 10.02.2009 22:30:00
  • Last modified 09.04.2025 00:30:58

Microsoft Exchange 2000 Server SP3, Exchange Server 2003 SP2, and Exchange Server 2007 SP1 do not properly interpret Transport Neutral Encapsulation (TNEF) properties, which allows remote attackers to execute arbitrary code via a crafted TNEF message...

5

CVE-2009-0099

  • EPSS 66.17%
  • Published 10.02.2009 22:30:00
  • Last modified 09.04.2025 00:30:58

The Electronic Messaging System Microsoft Data Base (EMSMDB32) provider in Microsoft Exchange 2000 Server SP3 and Exchange Server 2003 SP2, as used in Exchange System Attendant, allows remote attackers to cause a denial of service (application outage...

4.3

CVE-2008-1547

Exploit
  • EPSS 65.01%
  • Published 21.10.2008 01:18:01
  • Last modified 09.04.2025 00:30:58

Open redirect vulnerability in exchweb/bin/redir.asp in Microsoft Outlook Web Access (OWA) for Exchange Server 2003 SP2 (aka build 6.5.7638) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in th...