Multiple vulnerabilities in Microsoft Exchange Server

Описание

Multiple serious vulnerabilities have been found in Microsoft Exchange Server. Malicious users can exploit these vulnerabilities to gain privileges or spoof user interface.

Below is a complete list of vulnerabilities

1. An improper tokens validation can be exploited remotely via an unspecified vectors;
2. XSS vulnerability can be exploited remotely via a specially designed URL.

Первичный источник обнаружения

• CVE-2014-6325
  CVE-2014-6319
  CVE-2014-6336
  CVE-2014-6326
  

Связанные продукты

• Microsoft-Exchange-Server

Список CVE

• CVE-2014-6325
  warning
• CVE-2014-6319
  critical
• CVE-2014-6336
  warning
• CVE-2014-6326
  warning

Список KB

• 3011140
• 2986475
• 2996150
• 3009712

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com