Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 08/05/2007 Updated: 09/04/2020

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

VMScore: 605

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 2000 SP3, and 2003 SP1 and SP2 allows remote malicious users to execute arbitrary scripts, spoof content, or obtain sensitive information via certain UTF-encoded, script-based e-mail attachments, involving an "incorrectly handled UTF character set label".

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft exchange server 2000
microsoft exchange server 2003

CWE-79 http://www.kb.cert.org/vuls/id/124113 http://www.securityfocus.com/bid/23806 http://www.securitytracker.com/id?1018015 http://secunia.com/advisories/25183 http://www.us-cert.gov/cas/techalerts/TA07-128A.html http://www.osvdb.org/34389 http://www.vupen.com/english/advisories/2007/1711 https://exchange.xforce.ibmcloud.com/vulnerabilities/33887 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1371 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-026 http://www.securityfocus.com/archive/1/468871/100/200/threaded https://nvd.nist.gov https://www.kb.cert.org/vuls/id/124113

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2007-0220

Vulnerability Summary

References

Vulmon Search

About

Products

Connect