Reported October 15, 2003, by Microsoft.
VERSIONS AFFECTED
- Microsoft Exchange Server 5.5 Outlook Web Access (OWA)
DESCRIPTION
· A vulnerability in Microsoft Exchange Server 5.5 Outlook Web Access (OWA) can result in the execution of arbitrary code on the user’s system. This vulnerability stems from a cross-site scripting (XSS) vulnerability in the way OWA performs HTML encoding in the Compose New Message form. To exploit this vulnerability, an attacker can have a user run script on the attacker's behalf in the user's security context. The attacker's code would then use the security settings of the OWA Web site (or of a Web site hosted on the same server as the OWA Web site) and could let the attacker access any user-accessible data belonging to the site.
VENDOR RESPONSE
Microsoft has released security bulletin MS03-047, "Vulnerability in Exchange Server 5.5 Outlook Web Access Could Allow Cross-Site Scripting Attack (828489)," which addresses this vulnerability, and recommends that affected users immediately apply the appropriate patch listed in the bulletin.
CREDIT
Discovered by Ory Segal of Sanctum Inc.