Microsoft

Exchange Server

220 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2008-2247

Exploit
  • EPSS 24%
  • Veröffentlicht 08.07.2008 23:41:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) for Exchange Server 2003 SP2 allows remote attackers to inject arbitrary web script or HTML via unspecified e-mail fields, a different vulnerability than CVE-2008-2248.

4.3

CVE-2008-2248

  • EPSS 25.12%
  • Veröffentlicht 08.07.2008 23:41:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) for Exchange Server 2003 SP2 allows remote attackers to inject arbitrary web script or HTML via unspecified HTML, a different vulnerability than CVE-2008-2247.

7.8

CVE-2007-0039

  • EPSS 41.55%
  • Veröffentlicht 08.05.2007 23:19:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

The Exchange Collaboration Data Objects (EXCDO) functionality in Microsoft Exchange Server 2000 SP3, 2003 SP1 and SP2, and 2007 allows remote attackers to cause a denial of service (crash) via an Internet Calendar (iCal) file containing multiple X-MI...

10

CVE-2007-0213

  • EPSS 81.41%
  • Veröffentlicht 08.05.2007 23:19:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Microsoft Exchange Server 2000 SP3, 2003 SP1 and SP2, and 2007 does not properly decode certain MIME encoded e-mails, which allows remote attackers to execute arbitrary code via a crafted base64-encoded MIME e-mail message.

6.8

CVE-2007-0220

  • EPSS 47.33%
  • Veröffentlicht 08.05.2007 23:19:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 2000 SP3, and 2003 SP1 and SP2 allows remote attackers to execute arbitrary scripts, spoof content, or obtain sensitive information via certain UTF-enco...

7.8

CVE-2007-0221

  • EPSS 64.69%
  • Veröffentlicht 08.05.2007 23:19:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Integer overflow in the IMAP (IMAP4) support in Microsoft Exchange Server 2000 SP3 allows remote attackers to cause a denial of service (service hang) via crafted literals in an IMAP command, aka the "IMAP Literal Processing Vulnerability."

2.6

CVE-2006-1193

  • EPSS 62.67%
  • Veröffentlicht 13.06.2006 19:06:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Cross-site scripting (XSS) vulnerability in Microsoft Exchange Server 2000 SP1 through SP3, when running Outlook Web Access (OWA), allows user-assisted remote attackers to inject arbitrary HTML or web script via unknown vectors related to "HTML parsi...

7.5

CVE-2006-0027

  • EPSS 87.05%
  • Veröffentlicht 10.05.2006 02:10:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Unspecified vulnerability in Microsoft Exchange allows remote attackers to execute arbitrary code via e-mail messages with crafted (1) vCal or (2) iCal Calendar properties.

7.5

CVE-2006-0002

  • EPSS 56.18%
  • Veröffentlicht 10.01.2006 22:03:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Unspecified vulnerability in Microsoft Outlook 2000 through 2003, Exchange 5.0 Server SP2 and 5.5 SP4, Exchange 2000 SP3, and Office allows remote attackers to execute arbitrary code via an e-mail message with a crafted Transport Neutral Encapsulatio...

7.5

CVE-2005-1987

  • EPSS 59.29%
  • Veröffentlicht 13.10.2005 10:02:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Buffer overflow in Collaboration Data Objects (CDO), as used in Microsoft Windows and Microsoft Exchange Server, allows remote attackers to execute arbitrary code when CDOSYS or CDOEX processes an e-mail message with a large header name, as demonstra...