Skip navigation
Menu
Collaboration>Email and Calendaring

Cross-site Scripting and Spoofing Vulnerability in Microsoft Exchange Server 5.5 Service Pack 4 (SP4) with Microsoft Outlook Web Access (OWA)

Reported August 10, 2004, by Microsoft

VERSIONS AFFECTED

  • Microsoft Exchange Server 5.5 Service Pack 4 (SP4) with Microsoft Outlook Web Access (OWA)
     

DESCRIPTION
A cross-site scripting and spoofing vulnerability in Exchange 5.5 SP4 could let an attacker convince an OWA user to run a malicious script. This vulnerability could let an attacker access any data on the OWA server that the user could access.

VENDOR RESPONSE
Microsoft has released bulletin MS04-026, "Vulnerability in Exchange Server 5.5 Outlook Web Access Could Allow Cross-Site Scripting and Spoofing Attacks (842436)," to address this vulnerability and recommends that affected users apply the appropriate patch listed in the bulletin.

CREDIT
Discovered by Microsoft.

TAGS: Security
Hide comments

More information about text formats

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish
Recommended Reading
zoom logo
Zoom Releases New AI-Powered Collaboration Platform—Zoom Workspace—Plus Other Updates
Mar 26, 2024
person working from home using smart phone and notebook computer
Monitoring Employee Productivity, Balance Surveillance with Transparency
Jan 03, 2024
zoom logo on screens of laptop and smartphone device.jpg
At Zoomtopia, Small Businesses Share Transformation Stories
Oct 12, 2023
zoom logo
Zoom Unveils Docs, Upgrades Contact Center Offerings
Oct 03, 2023