Microsoft Exchange Server Outlook Web Access Cross Site Request Forgery Vulnerability

Microsoft Exchange Server Outlook Web Access is prone to a cross-site request-forgery vulnerability.

Exploiting this issue may allow a remote attacker to perform certain actions in the context of an authorized user's session and gain unauthorized access to the affected application; other attacks are also possible.

Microsoft Exchange Server 2007 versions prior to Service Pack 3 are reported to be vulnerable.


 

Privacy Statement
Copyright 2010, SecurityFocus