Skip to main content

Microsoft Exchange Server Infinite Loop Vulnerability

Last Update Date: 28 Jan 2011 Release Date: 15 Dec 2010 4530 Views

RISK: Medium Risk

A denial of service vulnerability exists in the way that the Microsoft Exchange store processes specially crafted RPC calls. The vulnerable code path is only accessible to authenticated users. An authenticated attacker could exploit the vulnerability by sending a specially crafted network message to a computer running the Exchange service. An attacker who successfully exploited this vulnerability could cause the Exchange service to stop responding until manually restarted.


Impact

  • Denial of Service

System / Technologies affected

  • Microsoft Exchange Server 2007

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Download locations for this patch


Vulnerability Identifier


Source


Related Link