Description
Multiple serious vulnerabilities have been found in Microsoft Exchange Server. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information and spoof user interface.
Below is a complete list of vulnerabilities:
- An improper handling of objects in memory in Microsoft Exchange can be exploited remotely via a specially designed e-mail to obtain sensitive information;
- Multiple vulnerabilities in Microsoft Exchange Outlook Web Access (OWA) can be exploited remotely via a specially designed website to gain privileges or spoof user interface;
- Memory corruption vulnerability in Microsoft Exchange software can be exploited remotely via a specially designed e-mail to execute arbitrary code;
Original advisories
Related products
CVE list
- CVE-2018-8152 high
- CVE-2018-8153 high
- CVE-2018-8151 warning
- CVE-2018-8154 critical
- CVE-2018-8159 high
KB list
Read more
Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com
Found an inaccuracy in the description of this vulnerability? Let us know!