Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft outlook web access 2003 vulnerabilities and exploits
(subscribe to this query)
1000
VMScore
CVE-2003-0347
Heap-based buffer overflow in VBE.DLL and VBE6.DLL of Microsoft Visual Basic for Applications (VBA) SDK 5.0 up to and including 6.3 allows remote malicious users to execute arbitrary code via a document with a long ID parameter.
Microsoft Office 2000
Microsoft Office Xp
Microsoft Visual Basic 6.2
Microsoft Visio 2002
Microsoft Visual Basic 5.0
Microsoft Project 2000
Microsoft Project 2002
Microsoft Visual Basic 6.3
1 EDB exploit
945
VMScore
CVE-2006-4868
Stack-based buffer overflow in the Vector Graphics Rendering engine (vgx.dll), as used in Microsoft Outlook and Internet Explorer 6.0 on Windows XP SP2, and possibly other versions, allows remote malicious users to execute arbitrary code via a Vector Markup Language (VML) file wi...
Microsoft Outlook 2003
Microsoft Internet Explorer 6.0
Microsoft Internet Explorer 5.0.1
3 EDB exploits
1 Github repository
935
VMScore
CVE-2003-1026
Internet Explorer 5.01 through 6 SP1 allows remote malicious users to bypass zone restrictions via a javascript protocol URL in a sub-frame, which is added to the history list and executed in the top window's zone when the history.back (back) function is called, as demonstra...
Microsoft Internet Explorer 5.5
Microsoft Internet Explorer 5.0.1
Microsoft Internet Explorer 5.0
Microsoft Internet Explorer 6.0
Microsoft Ie 6.0
1 EDB exploit
760
VMScore
CVE-2003-0816
Internet Explorer 6 SP1 and previous versions allows remote malicious users to bypass zone restrictions by (1) using the NavigateAndFind method to load a file: URL containing Javascript, as demonstrated by NAFfileJPU, (2) using the window.open method to load a file: URL containin...
Microsoft Internet Explorer 5.0.1
Microsoft Internet Explorer 5.5
Microsoft Internet Explorer 6.0
Microsoft Ie 6.0
2 EDB exploits
755
VMScore
CVE-2002-0189
Cross-site scripting vulnerability in Internet Explorer 6.0 allows remote malicious users to execute scripts in the Local Computer zone via a URL that exploits a local HTML resource file, aka the "Cross-Site Scripting in Local HTML Resource" vulnerability.
Microsoft Internet Explorer 5.0
Microsoft Internet Explorer 5.5
Microsoft Internet Explorer 6.0
1 EDB exploit
668
VMScore
CVE-2003-0814
Internet Explorer 6 SP1 and previous versions allows remote malicious users to bypass zone restrictions and execute Javascript by setting the window's "href" to the malicious Javascript, then calling execCommand("Refresh") to refresh the page, aka BodyRef...
Microsoft Internet Explorer 6.0
Microsoft Ie 6.0
Microsoft Internet Explorer 5.0.1
Microsoft Internet Explorer 5.5
668
VMScore
CVE-2003-0532
Internet Explorer 5.01 SP3 up to and including 6.0 SP1 does not properly determine object types that are returned by web servers, which could allow remote malicious users to execute arbitrary code via an object tag with a data parameter to a malicious file hosted on a server that...
Microsoft Internet Explorer 5.0.1
Microsoft Ie 6.0
Microsoft Internet Explorer 5.5
Microsoft Internet Explorer 6.0
605
VMScore
CVE-2007-0220
Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 2000 SP3, and 2003 SP1 and SP2 allows remote malicious users to execute arbitrary scripts, spoof content, or obtain sensitive information via certain UTF-encoded, script-based e-mail...
Microsoft Exchange Server 2000
Microsoft Exchange Server 2003
585
VMScore
CVE-2005-0420
Microsoft Outlook Web Access (OWA), when used with Exchange, allows remote malicious users to redirect users to arbitrary URLs for login via a link to the owalogon.asp application.
Microsoft Exchange Server 2003
1 EDB exploit
534
VMScore
CVE-2003-0904
Microsoft Exchange 2003 and Outlook Web Access (OWA), when configured to use NTLM authentication, does not properly reuse HTTP connections, which can cause OWA users to view mailboxes of other users when Kerberos has been disabled as an authentication method for IIS 6.0, e.g. whe...
Microsoft Exchange Server 2003
Microsoft Sharepoint Services 2.0
Microsoft Windows Server 2003
Microsoft Windows Server 2003 -
Microsoft Windows Server 2003 R2
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »