Multiple vulnerabilities in Microsoft Exchange Server

Описание

Multiple serious vulnerabilities have been found in Microsoft Exchange Server. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information and spoof user interface.

Below is a complete list of vulnerabilities:

1. An improper handling of objects in memory in Microsoft Exchange can be exploited remotely via a specially designed e-mail to obtain sensitive information;
2. Multiple vulnerabilities in Microsoft Exchange Outlook Web Access (OWA) can be exploited remotely via a specially designed website to gain privileges or spoof user interface;
3. Memory corruption vulnerability in Microsoft Exchange software can be exploited remotely via a specially designed e-mail to execute arbitrary code;

Первичный источник обнаружения

• CVE-2018-8152
  CVE-2018-8153
  CVE-2018-8151
  CVE-2018-8154
  CVE-2018-8159
  

Связанные продукты

• Microsoft-Exchange-Server

Список CVE

• CVE-2018-8152
  high
• CVE-2018-8153
  high
• CVE-2018-8151
  warning
• CVE-2018-8154
  critical
• CVE-2018-8159
  high

Список KB

• 4091243
• 4092041
• 4458321

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com