Описание
Multiple serious vulnerabilities have been found in Microsoft Exchange Server. Malicious users can exploit these vulnerabilities to obtain sensitive information and gain privileges.
Below is a complete list of vulnerabilities:
- An incorrect parsing of Calendar-related messages can be exploited by sending Calendar-related messages with specially designed tags to server to obtain sensitive information.
- An improper validation of webrequests in Microsoft Exchange (OWA) Outlook Web Access can be exploited remotely by convincing a user to click a specially designed link to gain privileges.
NB: Not every vulnerability already has CVSS rating, so cumulative CVSS rating can be not representative.
NB: These vulnerabilities do not have any public CVSS rating, so rating can be changed by the time.
Первичный источник обнаружения
Связанные продукты
Список CVE
- CVE-2017-11761 warning
- CVE-2017-8758 warning
Список KB
Смотрите также
Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com
Нашли неточность в описании этой уязвимости? Дайте нам знать!