CVE-2001-0340

Опубликовано: 21 июл. 2001

Источник: nvd

CVSS2: 7.5

EPSS Низкий

Описание

An interaction between the Outlook Web Access (OWA) service in Microsoft Exchange 2000 Server and Internet Explorer allows attackers to execute malicious script code against a user's mailbox via a message attachment that contains HTML code, which is executed automatically.

Ссылки

http://www.ciac.org/ciac/bulletins/l-091.shtml
Broken Link
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-030
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/6652
Third Party Advisory
VDB Entry
http://www.ciac.org/ciac/bulletins/l-091.shtml
Broken Link
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-030
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/6652
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:microsoft:exchange_server:5.5:-:*:*:*:*:*:*

cpe:2.3:a:microsoft:exchange_server:2000:-:*:*:*:*:*:*

EPSS

Процентиль: 91%

0.06264

Низкий

7.5 High

CVSS2

Дефекты

CWE-434

Связанные уязвимости

GHSA-mcfj-5726-cfww

github

больше 3 лет назад