English
Russian
Japanese
LatAm
Türkiye
Brasil
France
Český
Deutschland
KLA10591
Code injection in Microsoft Exchange Server
Updated: 06/01/2019
|
Detect date
?
|
03/10/2015 |
|
Severity
?
|
Warning |
|
Description
|
Multiple XSS vulnerabilities were found in Microsoft Exchange Server. By exploiting these vulnerabilities malicious users can inject arbitrary web script or spoof user interface. These vulnerabilities can be exploited remotely via a specially designed URL, msgParam or other unknown vectors. |
|
Affected products
|
Microsoft Exchange Server 2013 Service Pack 1 |
|
Solution
|
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel) |
|
Original advisories
|
CVE-2015-1629 |
|
Impacts
?
|
CI [?] SUI [?] |
|
Related products
|
Microsoft Exchange Server |
|
CVE-IDS
?
|
CVE-2015-16294.3Warning
CVE-2015-16284.3Warning CVE-2015-16315.0Critical CVE-2015-16304.3Warning CVE-2015-16324.3Warning |
|
Microsoft official advisories
|
Microsoft Security Update Guide |
|
KB list
|
|