Microsoft

Exchange Server

233 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 24.92%
  • Veröffentlicht 10.02.2009 22:30:00
  • Zuletzt bearbeitet 16.06.2026 23:04:15

Microsoft Exchange 2000 Server SP3, Exchange Server 2003 SP2, and Exchange Server 2007 SP1 do not properly interpret Transport Neutral Encapsulation (TNEF) properties, which allows remote attackers to execute arbitrary code via a crafted TNEF message...

  • EPSS 26.24%
  • Veröffentlicht 10.02.2009 22:30:00
  • Zuletzt bearbeitet 16.06.2026 23:04:15

The Electronic Messaging System Microsoft Data Base (EMSMDB32) provider in Microsoft Exchange 2000 Server SP3 and Exchange Server 2003 SP2, as used in Exchange System Attendant, allows remote attackers to cause a denial of service (application outage...

Exploit
  • EPSS 45.93%
  • Veröffentlicht 21.10.2008 01:18:01
  • Zuletzt bearbeitet 16.06.2026 22:51:57

Open redirect vulnerability in exchweb/bin/redir.asp in Microsoft Outlook Web Access (OWA) for Exchange Server 2003 SP2 (aka build 6.5.7638) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in th...

Exploit
  • EPSS 24.56%
  • Veröffentlicht 08.07.2008 23:41:00
  • Zuletzt bearbeitet 16.06.2026 22:53:24

Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) for Exchange Server 2003 SP2 allows remote attackers to inject arbitrary web script or HTML via unspecified e-mail fields, a different vulnerability than CVE-2008-2248.

  • EPSS 24.61%
  • Veröffentlicht 08.07.2008 23:41:00
  • Zuletzt bearbeitet 16.06.2026 22:53:24

Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) for Exchange Server 2003 SP2 allows remote attackers to inject arbitrary web script or HTML via unspecified HTML, a different vulnerability than CVE-2008-2247.

  • EPSS 44.57%
  • Veröffentlicht 08.05.2007 23:19:00
  • Zuletzt bearbeitet 16.06.2026 22:34:45

The Exchange Collaboration Data Objects (EXCDO) functionality in Microsoft Exchange Server 2000 SP3, 2003 SP1 and SP2, and 2007 allows remote attackers to cause a denial of service (crash) via an Internet Calendar (iCal) file containing multiple X-MI...

  • EPSS 66.16%
  • Veröffentlicht 08.05.2007 23:19:00
  • Zuletzt bearbeitet 16.06.2026 22:35:07

Microsoft Exchange Server 2000 SP3, 2003 SP1 and SP2, and 2007 does not properly decode certain MIME encoded e-mails, which allows remote attackers to execute arbitrary code via a crafted base64-encoded MIME e-mail message.

  • EPSS 33.15%
  • Veröffentlicht 08.05.2007 23:19:00
  • Zuletzt bearbeitet 16.06.2026 22:35:08

Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 2000 SP3, and 2003 SP1 and SP2 allows remote attackers to execute arbitrary scripts, spoof content, or obtain sensitive information via certain UTF-enco...

  • EPSS 37.24%
  • Veröffentlicht 08.05.2007 23:19:00
  • Zuletzt bearbeitet 16.06.2026 22:35:08

Integer overflow in the IMAP (IMAP4) support in Microsoft Exchange Server 2000 SP3 allows remote attackers to cause a denial of service (service hang) via crafted literals in an IMAP command, aka the "IMAP Literal Processing Vulnerability."

  • EPSS 39.17%
  • Veröffentlicht 13.06.2006 19:06:00
  • Zuletzt bearbeitet 16.06.2026 22:22:11

Cross-site scripting (XSS) vulnerability in Microsoft Exchange Server 2000 SP1 through SP3, when running Outlook Web Access (OWA), allows user-assisted remote attackers to inject arbitrary HTML or web script via unknown vectors related to "HTML parsi...