Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft exchange server 5.5 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2005-0563
Cross-site scripting (XSS) vulnerability in Microsoft Outlook Web Access (OWA) component in Exchange Server 5.5 allows remote malicious users to inject arbitrary web script or HTML via an email message with an encoded javascript: URL ("javAsc
ript:") i...
Microsoft Exchange Server 5.5
10
CVSSv2
CVE-1999-0385
The LDAP bind function in Exchange 5.5 has a buffer overflow that allows a remote malicious user to conduct a denial of service or execute commands.
Microsoft Exchange Server 5.5
7.5
CVSSv2
CVE-2002-0698
Buffer overflow in Internet Mail Connector (IMC) for Microsoft Exchange Server 5.5 allows remote malicious users to execute arbitrary code via an EHLO request from a system with a long name as obtained through a reverse DNS lookup, which triggers the overflow in IMC's hello ...
Microsoft Exchange Server 5.5
4.3
CVSSv2
CVE-2003-0712
Cross-site scripting (XSS) vulnerability in the HTML encoding for the Compose New Message form in Microsoft Exchange Server 5.5 Outlook Web Access (OWA) allows remote malicious users to execute arbitrary web script.
Microsoft Exchange Server 5.5
5
CVSSv2
CVE-1999-0682
Microsoft Exchange 5.5 allows a remote malicious user to relay email (i.e. spam) using encapsulated SMTP addresses, even if the anti-relaying features are enabled.
Microsoft Exchange Server 5.5
7.5
CVSSv2
CVE-2002-0054
SMTP service in (1) Microsoft Windows 2000 and (2) Internet Mail Connector (IMC) in Exchange Server 5.5 does not properly handle responses to NTLM authentication, which allows remote malicious users to perform mail relaying via an SMTP AUTH command using null session credentials.
Microsoft Exchange Server 5.5
Microsoft Windows 2000 -
5
CVSSv2
CVE-2001-0509
Vulnerabilities in RPC servers in (1) Microsoft Exchange Server 2000 and previous versions, (2) Microsoft SQL Server 2000 and previous versions, (3) Windows NT 4.0, and (4) Windows 2000 allow remote malicious users to cause a denial of service via malformed inputs.
Microsoft Exchange Server 5.0
Microsoft Exchange Server 5.5
Microsoft Exchange Server 2000
Microsoft Sql Server 7.0
Microsoft Sql Server 2000
Microsoft Windows Nt 4.0
Microsoft Windows 2000 -
Microsoft Windows 2000
7.5
CVSSv2
CVE-2006-0002
Unspecified vulnerability in Microsoft Outlook 2000 through 2003, Exchange 5.0 Server SP2 and 5.5 SP4, Exchange 2000 SP3, and Office allows remote malicious users to execute arbitrary code via an e-mail message with a crafted Transport Neutral Encapsulation Format (TNEF) MIME att...
Microsoft Exchange Server 5.0
Microsoft Exchange Server 5.5
Microsoft Exchange Server 2000
Microsoft Office 2000
Microsoft Office 2003
Microsoft Office Xp
Microsoft Outlook 2000
Microsoft Outlook 2002
Microsoft Outlook 2003
5
CVSSv2
CVE-2002-1790
The SMTP service in Microsoft Internet Information Services (IIS) 4.0 and 5.0 allows remote malicious users to bypass anti-relaying rules and send spam or spoofed messages via encapsulated SMTP addresses, a similar vulnerability to CVE-1999-0682.
Microsoft Exchange Server 5.5
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
1 EDB exploit
5
CVSSv2
CVE-2001-0660
Outlook Web Access (OWA) in Microsoft Exchange 5.5, SP4 and previous versions, allows remote malicious users to identify valid user email addresses by directly accessing a back-end function that processes the global address list (GAL).
Microsoft Exchange Server
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »