OWA是Exchange 5.5和2000服务器,允许用户使用Web浏览器来访问他们的Exchange邮箱的服务。然而,一个漏洞存在于对邮件附件OWA和IE浏览器之间的相互作用。如果附件包含HTML代码包括脚本,当附件被打开,而不管附件类型的脚本将被执行。由于OWA要求脚本在区,在那里OWA服务器位于启用,该脚本可以采取对用户的Exchange邮箱采取行动。攻击者可以利用这个漏洞构建包含恶意脚本代码的附件。该攻击者然后可以发送附件在邮件中向用户 要求: 在Windows NT /...
热门软件
-
Microsoft Malformed Web Form Submission Vulnerability Patch (IIS 4.0) 6 Dec 15
-
Microsoft Exchange Server Information Store Viewer (MDBVU32) 21 Sep 15
-
Microsoft Netmon Protocol Parsing Vulnerability Patch (Windows 2000) 6 Dec 15
-
Word 97 Security Patch: KB830354 21 Sep 15
-
Windows 2000 Network DDE Vulnerability Patch 6 Dec 15
-
ISA Server 2000 Security Update for Error Pages 21 Sep 15
-
Windows 2000 IIS5 Security Patch: IIS Cross-Site Scripting Vulnerability 21 Sep 15
最好的 企业安全软件 为 Microsoft
热门软件
-
ISA Server 2000 - Vulnerability in H.323 Filter Can Cause Remote Code Execution (816458) 21 Sep 15
-
Microsoft IIS4 Session ID Cookie Marking Vulnerability Patch 6 Dec 15
-
Identity Lifecycle Manager 180-Day Evaluation 21 Sep 15
-
Forefront Unified Access Gateway (UAG) 2010 27 May 15
-
Windows XP 64-bit RPC Interface Buffer Overrun Security Vulnerability Patch 29 Oct 15
-
Remote Access Quarantine Tool for Internet Security and Acceleration (ISA) Server 2004 21 Sep 15
-
Microsoft Security Compliance Manager 3 May 15