Microsoft Outlook Web Access crossite scripting - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

Microsoft Outlook Web Access crossite scripting
updated since 08.07.2003
Published: 15.06.2005
Source: BUGTRAQ
SecurityVulns ID: 2960
Type: remote
Level: 6/10
Description: It's possible to inject script into message and to acces username/password.

Affected: MICROSOFT : Exchange 5.5
EXCHANGE : Exchange 2000

Original document MICROSOFT, Microsoft Security Bulletin MS05-029 Vulnerability in Outlook Web Access for Exchange Server 5.5 Could Allow Cross-Site Scripting Attacks (895179) (15.06.2005)

Amit Klein, HTTP Response Splitting vulnerability in Microsoft Outlook Web Access for Exchange 5.5 (12.08.2004)

document MICROSOFT, Microsoft Security Bulletin MS04-026 Vulnerability in Exchange Server 5.5 Outlook Web Access Could Allow Cross-Site Scripting and Spoofing Attacks (842436) (11.08.2004)

Ory Segal, Vulnerability in Exchange Server 5.5 Outlook Web Access Could Allow Cross-Site Scripting Attack (Microsoft Security Bulletin MS03-047) (17.10.2003)

document MICROSOFT, Microsoft Security Bulletin MS03-047 (16.10.2003)

Hugo Vázquez Caramés, Domain User Credentials access via OWA XSS (10.07.2003)

Hugo Vázquez Caramés, XSS in OWA allows stealing windows domain user credentials (08.07.2003)

Files: Microsoft Security Bulletin MS04-026 Vulnerability in Exchange Server 5.5 Outlook Web Access Could Allow Cross-Site Scripting and Spoofing Attacks (842436)
Microsoft Security Bulletin MS05-029 Vulnerability in Outlook Web Access for Exchange Server 5.5 Could Allow Cross-Site Scripting Attacks (895179)
Discuss: Read or add your comments to this news (0 comments)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin