Microsoft Exchange Server Multiple Vulnerabilities

Last Update Date: 15 Jun 2016 17:47 Release Date: 15 Jun 2016 2975 Views

RISK: Medium Risk

Medium Risk

TYPE: Servers - Other Servers

TYPE: Other Servers
  1. Microsoft Exchange Information Disclosure Vulnerability
    An email filter bypass exists in the way that Microsoft Exchange parses HTML messages that could allow information disclosure. An attacker who successfully exploited the vulnerability could identify, fingerprint, and track a user online if the user views email messages using Outlook Web Access (OWA). An attacker could also combine this vulnerability with another one, such as a Cross-Site Request Forgery (CSRF), to amplify the attack.
  2. Oracle Outside In Libraries Elevation of Privilege Vulnerabilities
    This security update addresses the following vulnerabilities, which are described in Oracle Critical Patch Update Advisory - January 2016.

Impact

  • Elevation of Privilege
  • Information Disclosure

System / Technologies affected

  • Microsoft Exchange Server 2007, 2010, 2013, 2016

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Vulnerability Identifier

Source

Related Link

Share with

Previous

Microsoft Windows Diagnostic Hub Elevation of Privilege Vulnerability

15 Jun 2016 2884 Views

Next

Microsoft Windows PDF Multiple Vulnerabilities

15 Jun 2016 2883 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY