|
|
Microsoft Outlook Web Access Remote Script Injection Vulnerability
|
Bugtraq ID:
|
23806
|
|
Class:
|
Input Validation Error
|
|
CVE:
|
CVE-2007-0220
|
|
Remote:
|
Yes
|
|
Local:
|
No
|
|
Published:
|
May 08 2007 12:00AM
|
|
Updated:
|
May 17 2007 09:58PM
|
|
Credit:
|
Martijn Brinkers of Izecom is credited with the discovery of this vulnerability.
|
|
Vulnerable:
|
Microsoft Outlook Web Access for Exchange Server 2003
+
Microsoft Exchange Server 2003 SP1
+
Microsoft Exchange Server 2003
Microsoft Outlook Web Access for Exchange 2000 Server
+
Microsoft Exchange Server 2000 SP3
+
Microsoft Exchange Server 2000 SP2
+
Microsoft Exchange Server 2000 SP1
+
Microsoft Exchange Server 2000
Microsoft Exchange Server 2003 SP2
Microsoft Exchange Server 2003 SP1
Microsoft Exchange Server 2003
Microsoft Exchange Server 2000 SP3
Microsoft Exchange Server 2000 SP2
-
Microsoft Windows 2000 Advanced Server SP2
-
Microsoft Windows 2000 Advanced Server SP1
-
Microsoft Windows 2000 Advanced Server
-
Microsoft Windows 2000 Datacenter Server SP2
-
Microsoft Windows 2000 Datacenter Server SP1
-
Microsoft Windows 2000 Datacenter Server
-
Microsoft Windows 2000 Server SP2
-
Microsoft Windows 2000 Server SP1
-
Microsoft Windows 2000 Server
Microsoft Exchange Server 2000 SP1
-
Microsoft Windows 2000 Advanced Server SP2
-
Microsoft Windows 2000 Advanced Server SP1
-
Microsoft Windows 2000 Advanced Server
-
Microsoft Windows 2000 Datacenter Server SP2
-
Microsoft Windows 2000 Datacenter Server SP1
-
Microsoft Windows 2000 Datacenter Server
-
Microsoft Windows 2000 Server SP2
-
Microsoft Windows 2000 Server SP1
-
Microsoft Windows 2000 Server
Microsoft Exchange Server 2000
-
Microsoft Windows 2000 Advanced Server SP2
-
Microsoft Windows 2000 Advanced Server SP1
-
Microsoft Windows 2000 Advanced Server
-
Microsoft Windows 2000 Datacenter Server SP2
-
Microsoft Windows 2000 Datacenter Server SP1
-
Microsoft Windows 2000 Datacenter Server
-
Microsoft Windows 2000 Server SP2
-
Microsoft Windows 2000 Server SP1
-
Microsoft Windows 2000 Server
Avaya Messaging Application Server MM 3.1
Avaya Messaging Application Server MM 3.0
Avaya Messaging Application Server MM 2.0
Avaya Messaging Application Server 0
|
|
|
|
Not Vulnerable:
|
|
|
|
