Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft outlook web access vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2003-0712
Cross-site scripting (XSS) vulnerability in the HTML encoding for the Compose New Message form in Microsoft Exchange Server 5.5 Outlook Web Access (OWA) allows remote malicious users to execute arbitrary web script.
Microsoft Exchange Server 5.5
4.3
CVSSv2
CVE-2018-0940
Microsoft Exchange Outlook Web Access (OWA) in Microsoft Exchange Server 2010 Service Pack 3 Update Rollup 20, Microsoft Exchange Server 2013 Cumulative Update 18, Microsoft Exchange Server 2013 Cumulative Update 19, Microsoft Exchange Server 2013 Service Pack 1, Microsoft Exchan...
Microsoft Exchange Server 2013
Microsoft Exchange Server 2016
Microsoft Exchange Server 2010
1 Article
5.8
CVSSv2
CVE-2019-0817
A spoofing vulnerability exists in Microsoft Exchange Server when Outlook Web Access (OWA) fails to properly handle web requests, aka 'Microsoft Exchange Spoofing Vulnerability'. This CVE ID is unique from CVE-2019-0858.
Microsoft Exchange Server 2010
Microsoft Exchange Server 2016
Microsoft Exchange Server 2013
Microsoft Exchange Server 2019
1 Article
4.3
CVSSv2
CVE-2019-0858
A spoofing vulnerability exists in Microsoft Exchange Server when Outlook Web Access (OWA) fails to properly handle web requests, aka 'Microsoft Exchange Spoofing Vulnerability'. This CVE ID is unique from CVE-2019-0817.
Microsoft Exchange Server 2016
Microsoft Exchange Server 2013
Microsoft Exchange Server 2019
1 Article
7.5
CVSSv2
CVE-2002-0865
A certain class that supports XML (Extensible Markup Language) in Microsoft Virtual Machine (VM) 5.0.3805 and previous versions, probably com.ms.osp.ospmrshl, exposes certain unsafe methods, which allows remote malicious users to execute unsafe code via a Java applet, aka "I...
Microsoft Virtual Machine 3100
Microsoft Virtual Machine 3805
Microsoft Virtual Machine 3188
Microsoft Virtual Machine 3200
Microsoft Virtual Machine 3300
Microsoft Virtual Machine 3802
Microsoft Virtual Machine 2000
Microsoft Virtual Machine 3000
5.8
CVSSv2
CVE-2018-8159
An elevation of privilege vulnerability exists when Microsoft Exchange Outlook Web Access (OWA) fails to properly handle web requests, aka "Microsoft Exchange Elevation of Privilege Vulnerability." This affects Microsoft Exchange Server.
Microsoft Exchange Server 2016
Microsoft Exchange Server 2013
6
CVSSv2
CVE-2003-0904
Microsoft Exchange 2003 and Outlook Web Access (OWA), when configured to use NTLM authentication, does not properly reuse HTTP connections, which can cause OWA users to view mailboxes of other users when Kerberos has been disabled as an authentication method for IIS 6.0, e.g. whe...
Microsoft Sharepoint Services 2.0
Microsoft Exchange Server 2003
Microsoft Windows Server 2003 -
Microsoft Windows Server 2003
Microsoft Windows Server 2003 R2
5.8
CVSSv2
CVE-2018-8448
An elevation of privilege vulnerability exists when Microsoft Exchange Outlook Web Access (OWA) fails to properly handle web requests, aka "Microsoft Exchange Server Elevation of Privilege Vulnerability." This affects Microsoft Exchange Server.
Microsoft Exchange Server 2013
Microsoft Exchange Server 2016
4.3
CVSSv2
CVE-2008-2247
Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) for Exchange Server 2003 SP2 allows remote malicious users to inject arbitrary web script or HTML via unspecified e-mail fields, a different vulnerability than CVE-2008-2248.
Microsoft Exchange Server 2003
Microsoft Exchange Server 2007
4.3
CVSSv2
CVE-2016-0030
Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 2013 PS1, 2013 Cumulative Update 10, and 2016 allows remote malicious users to inject arbitrary web script or HTML via a crafted URL, aka "Exchange Spoofing Vulnerability."
Microsoft Exchange Server 2013
Microsoft Exchange Server 2016
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
server-side request forgery
CVE-2024-30067
CVE-2024-5553
CVE-2024-30095
IDOR
CVE-2024-35252
CVE-2024-23692
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »