Multiple vulnerabilities in Microsoft Exchange Server

Описание

Multiple serious vulnerabilities were found in Microsoft Exchange. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges.

Below is a complete list of vulnerabilities:

1. A remote code execution vulnerability in Microsoft Exchange can be exploited remotely via specially crafted email to execute arbitrary code.
2. An elevation of privilege vulnerability in Microsoft Exchange Outlook Web Access can be exploited remotely via specially crafted email to gain privileges.
3. A remote code execution vulnerability in Microsoft Exchange can be exploited remotely to execute arbitrary code.

Первичный источник обнаружения

• CVE-2018-8265
  CVE-2018-8448
  CVE-2010-3190
  

Связанные продукты

• Microsoft-Exchange-Server

Список CVE

• CVE-2010-3190
  critical
• CVE-2018-8265
  critical
• CVE-2018-8448
  high

Список KB

• 2565063
• 4459266

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com