Multiple vulnerabilities in Microsoft Exchange Server

Description

Multiple serious vulnerabilities were found in Microsoft Exchange Server. Malicious users can exploit these vulnerabilities to execute arbitrary code and obtain sensitive information.

Below is a complete list of vulnerabilities:

1. A memory corruption vulnerability in Microsoft Exchange can be exploited remotely via specially crafted email to execute arbitrary code;
2. An information disclosure vulnerability in Microsoft Exchange can be exploited remotely via unspecified vector to obtain sensitive information.

Original advisories

• CVE-2019-0586

• CVE-2019-0588

Related products

• Microsoft-Exchange-Server

CVE list

• CVE-2019-0586
  critical
• CVE-2019-0588
  warning

KB list

• 4471389
• 4468742

Read more

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com