Download
| Alert*
|
oval:org.secpod.oval:def:5845
Microsoft Exchange Server 2010 is installed oval:org.secpod.oval:def:47097 Microsoft Exchange Server 2010 SP3 Update Rollup 23 is installed oval:org.secpod.oval:def:45361 Microsoft Exchange Server 2010 SP3 Update Rollup 21 is installed oval:org.secpod.oval:def:5847 Microsoft Exchange Server 2010 SP2 is installed oval:org.secpod.oval:def:5846 Microsoft Exchange Server 2010 SP1 is installed oval:org.secpod.oval:def:47099 The host is missing a critical security update KB4340733 oval:org.secpod.oval:def:45367 The host is missing an important security update KB4091243 oval:org.secpod.oval:def:50069 The host is missing an important security update KB4468742 oval:org.secpod.oval:def:50705 The host is missing an important security update for KB4487052 oval:org.secpod.oval:def:46094 The host is missing a moderate severity security update for KB4295699 oval:org.secpod.oval:def:54144 The host is missing an important security update KB4491413 oval:org.secpod.oval:def:6701 The host is installed with Microsoft Exchange Server 2007 or 2010 or FAST Search Server 2010 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle a specially crafted file through Outlook Web Access in a browser. Successful exploitation co ... oval:org.secpod.oval:def:6700 The host is installed with Microsoft Exchange Server 2007 or 2010 or FAST Search Server 2010 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle a specially crafted file through Outlook Web Access in a browser. Successful exploitation co ... oval:org.secpod.oval:def:6705 The host is installed with Microsoft Exchange Server 2007 or 2010 or FAST Search Server 2010 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle a specially crafted file through Outlook Web Access in a browser. Successful exploitation co ... oval:org.secpod.oval:def:6704 The host is installed with Microsoft Exchange Server 2007 or 2010 or FAST Search Server 2010 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle a specially crafted file through Outlook Web Access in a browser. Successful exploitation co ... oval:org.secpod.oval:def:6703 The host is installed with Microsoft Exchange Server 2007 or 2010 or FAST Search Server 2010 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle a specially crafted file through Outlook Web Access in a browser. Successful exploitation co ... oval:org.secpod.oval:def:6702 The host is installed with Microsoft Exchange Server 2007 or 2010 or FAST Search Server 2010 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle a specially crafted file through Outlook Web Access in a browser. Successful exploitation co ... oval:org.secpod.oval:def:6706 The host is missing a critical security update according to Microsoft security bulletin, MS12-058. The update is required to fix multiple remote code execution vulnerabilities. The flaws are present in the application, which fails to handle a specially crafted file through Outlook Web Access in a br ... oval:org.secpod.oval:def:6697 The host is installed with Microsoft Exchange Server 2007 or 2010 or FAST Search Server 2010 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle a specially crafted file through Outlook Web Access in a browser. Successful exploitation co ... oval:org.secpod.oval:def:6696 The host is installed with Microsoft Exchange Server 2007 or 2010 or FAST Search Server 2010 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle a specially crafted file through Outlook Web Access in a browser. Successful exploitation co ... oval:org.secpod.oval:def:6695 The host is installed with Microsoft Exchange Server 2007 or 2010 or FAST Search Server 2010 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle a specially crafted file through Outlook Web Access in a browser. Successful exploitation co ... oval:org.secpod.oval:def:6694 The host is installed with Microsoft Exchange Server 2007 or 2010 or FAST Search Server 2010 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle a specially crafted file through Outlook Web Access in a browser. Successful exploitation co ... oval:org.secpod.oval:def:6699 The host is installed with Microsoft Exchange Server 2007 or 2010 or FAST Search Server 2010 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle a specially crafted file through Outlook Web Access in a browser. Successful exploitation co ... oval:org.secpod.oval:def:6698 The host is installed with Microsoft Exchange Server 2007 or 2010 or FAST Search Server 2010 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle a specially crafted file through Outlook Web Access in a browser. Successful exploitation co ... oval:org.secpod.oval:def:6693 The host is installed with Microsoft Exchange Server 2007 or 2010 or FAST Search Server 2010 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle a specially crafted file through Outlook Web Access in a browser. Successful exploitation co ... oval:org.secpod.oval:def:10366 The machine setting for the startup type of the 'Microsoft Exchange Address Book' service should be configured correctly. oval:org.secpod.oval:def:10367 The machine setting for the startup type of the 'Microsoft Exchange Information Store' service should be configured correctly. oval:org.secpod.oval:def:10368 The machine setting for the startup type of the 'Microsoft Exchange Server Extension for Windows Server Backup' service should be configured correctly. oval:org.secpod.oval:def:10369 The machine setting for the startup type of the 'Microsoft Exchange System Attendant' service should be configured correctly. oval:org.secpod.oval:def:10370 The machine setting for the startup type of the 'Microsoft Exchange Transport' service should be configured correctly. oval:org.secpod.oval:def:10371 The machine setting for the startup type of the 'Microsoft Exchange Protected Service Host' service should be configured correctly. oval:org.secpod.oval:def:10372 The machine setting for the startup type of the 'Microsoft Search (Exchange)' service should be configured correctly. oval:org.secpod.oval:def:10373 The machine setting for the startup type of the 'Microsoft Exchange File Distribution' service should be configured correctly. oval:org.secpod.oval:def:10374 The machine setting for the startup type of the 'Microsoft Exchange Active Directory Topology' service should be configured correctly. oval:org.secpod.oval:def:10375 The machine setting for the startup type of the 'Microsoft Exchange Replication Service' service should be configured correctly. oval:org.secpod.oval:def:10376 The machine setting for the startup type of the 'Microsoft Exchange Mail Submission Service' service should be configured correctly. oval:org.secpod.oval:def:10377 The machine setting for the startup type of the 'Microsoft Exchange POP3' service should be configured correctly. oval:org.secpod.oval:def:10378 The machine setting for the startup type of the 'Microsoft Exchange IMAP4' service should be configured correctly. oval:org.secpod.oval:def:10379 The machine setting for the startup type of the 'Microsoft Exchange Search Indexer' service should be configured correctly. oval:org.secpod.oval:def:10380 The machine setting for the startup type of the 'Microsoft Exchange Mailbox Replication' service should be configured correctly. oval:org.secpod.oval:def:10381 The machine setting for the startup type of the 'Microsoft Exchange Mailbox Assistants' service should be configured correctly. oval:org.secpod.oval:def:10382 The machine setting for the startup type of the 'Microsoft Exchange Monitoring' service should be configured correctly. oval:org.secpod.oval:def:10383 The machine setting for the startup type of the 'Microsoft Exchange RPC Client Access' service should be configured correctly. oval:org.secpod.oval:def:10384 The machine setting for the startup type of the 'Microsoft Exchange Service Host' service should be configured correctly. oval:org.secpod.oval:def:10385 The machine setting for the startup type of the 'Microsoft Exchange Unified Messaging' service should be configured correctly. oval:org.secpod.oval:def:10386 The machine setting for the startup type of the 'Microsoft Exchange Credential Service (Exchange 2010)' service should be configured correctly. oval:org.secpod.oval:def:10387 The machine setting for the startup type of the 'Microsoft Exchange Speech Engine Service' service should be configured correctly. oval:org.secpod.oval:def:10388 The machine setting for the startup type of the 'Microsoft Exchange EdgeSync Service' service should be configured correctly. oval:org.secpod.oval:def:10389 The machine setting for the startup type of the 'Microsoft Exchange ADAM' service should be configured correctly. oval:org.secpod.oval:def:10390 The machine setting for the startup type of the 'Microsoft Exchange Anti-spam Update' service should be configured correctly. oval:org.secpod.oval:def:10391 The machine setting for the startup type of the 'Microsoft Exchange Forms-Based Authentication service' service should be configured correctly. oval:org.secpod.oval:def:10392 The machine setting for the startup type of the 'Microsoft Exchange Throttling' service should be configured correctly. oval:org.secpod.oval:def:10393 The machine setting for the startup type of the 'Microsoft Exchange Transport Log Search' service should be configured correctly. oval:org.secpod.oval:def:57252 The host is missing an important security update for KB4509410. oval:org.secpod.oval:def:14829 Microsoft Exchange Server 2010 SP3 is installed oval:org.secpod.oval:def:9279 The host is installed with Microsoft Exchange Server 2007 or 2010 and is prone to remote code execution vulnerability. A flaw is present in the application, which is caused when WebReady Document Viewer is used to preview a specially crafted file. Successful exploitation allows attackers to run arbi ... oval:org.secpod.oval:def:8186 The host is installed with Exchange Server 2007 or Exchange Server 2010 and is prone to remote code execution vulnerabilities. The flaws are present in the Microsoft Exchange Server, which fails to properly handle WebReady Document Viewing feature. Successful exploitation could allow to run code on ... oval:org.secpod.oval:def:8187 The host is installed with Exchange Server 2007 or Exchange Server 2010 and is prone to remote code execution vulnerabilities. The flaws are present in the Microsoft Exchange Server, which fails to properly handle WebReady Document Viewing feature. Successful exploitation could allow to run code on ... oval:org.secpod.oval:def:9277 The host is installed with Microsoft Exchange Server 2007 or 2010 and is prone to denial of service vulnerability. A flaw is present in the application, which is caused when WebReady Document Viewer is used to preview a specially crafted file. Successful exploitation allows context-dependent attacke ... oval:org.secpod.oval:def:9278 The host is missing a critical security update according to Microsoft bulletin, MS13-012. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which are caused when WebReady Document Viewer is used to preview a specially crafted file. Successful exploitat ... oval:org.secpod.oval:def:8184 The host is missing a critical security update according to Microsoft security bulletin, MS12-080. The update is required to fix remote code execution vulnerabilities. The flaws are present in the Microsoft Exchange Server, which fails to properly handle the WebReady Document Viewing and Outlook Web ... oval:org.secpod.oval:def:8185 The host is installed with Exchange Server 2007 or Exchange Server 2010 and is prone to denial of service vulnerability. A flaw is present in the Microsoft Exchange Server, which fails to properly handle the RSS feeds. Successful exploitation could cause exchange databases to dismount, and potential ... oval:org.secpod.oval:def:67659 The host is installed with Microsoft Exchange Server products and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle improper validation of cmdlet arguments. Successful exploitation could allow an attacker to obtain sensitive information. oval:org.secpod.oval:def:67660 The host is missing an important security update for KB4593467. oval:org.secpod.oval:def:61274 The host is missing an important security update for KB4536989. oval:org.secpod.oval:def:55365 The host is missing a security update KB4503028. oval:org.secpod.oval:def:14831 The host is installed with Microsoft Exchange Server 2007, 2010 or 2013 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle a crafted file. Successful exploitation could allow attackers to run code on the affected Exchange Server. oval:org.secpod.oval:def:14832 The host is missing a critical security update according to Microsoft security bulletin, MS13-061. The update is required to fix a remote code execution vulnerability. A flaw is present in the application, which fails to handle a crafted file. Successful exploitation could allow attackers to run cod ... oval:org.secpod.oval:def:14830 The host is installed with Microsoft Exchange Server 2007, 2010 or 2013 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle a crafted file. Successful exploitation could allow attackers to run code on the affected Exchange Server. oval:org.secpod.oval:def:14828 The host is installed with Microsoft Exchange Server 2007, 2010 or 2013 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle a crafted file. Successful exploitation could allow attackers to run code on the affected Exchange Server. oval:org.secpod.oval:def:15688 The host is installed with Microsoft Windows SharePoint Services 2.0, 3.0 SP3, SharePoint Server 2007 SP3, SharePoint Foundation 2010 SP1, SP2, SharePoint Server 2010 SP1, SP2, Exchange Server 2007, Exchange Server 2010, or Exchange Server 2013 and is prone to remote code execution vulnerability. A ... oval:org.secpod.oval:def:16208 The host is installed with Exchange Server 2007, Exchange Server 2010, or Exchange Server 2013 and is prone an OWA xss vulnerability. A flaw is present in the application, which fails to handle a specially crafted data. Successful exploitation could allow attackers to run script in the context of th ... oval:org.secpod.oval:def:16209 The host is missing a critical security update according to Microsoft security bulletin, MS13-105. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle a specially crafted file. Successful exploitation could allow attackers to execut ... oval:org.secpod.oval:def:16206 The host is installed with Exchange Server 2010 or Exchange Server 2013 and is prone to cross-site scripting (XSS) vulnerability. A flaw is present in the application, which fails to handle a crafted URL. Successful exploitation could allow attackers to inject arbitrary web script or HTML. oval:org.secpod.oval:def:16207 The host is installed with Exchange Server 2007, Exchange Server 2010, or Exchange Server 2013 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to handle a specially crafted file. Successful exploitation could allow attackers to execute arbitrary code o ... oval:org.secpod.oval:def:21884 The host is installed with Microsoft Exchange Server 2007, 2010 or 2013 and is prone to a token spoofing vulnerability. A flaw is present in the applications, which fail to handle a specially crafted content. Successful exploitation could allow attackers to send email that appears to come from an us ... oval:org.secpod.oval:def:21881 The host is missing an important security update according to Microsoft bulletin, MS14-075. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to handle a specially crafted content, properly validate redirection tokens or improperly validate ... oval:org.secpod.oval:def:46097 The host is installed with Microsoft Exchange Server 2010, 2013 or 2016 and is prone to a remote security vulnerability. A flaw is present in the application, which fails to handle Outside In Filters component. Successful exploitation could allow attackers to exploit the vulnerability over HTTP prot ... oval:org.secpod.oval:def:46099 The host is installed with Microsoft Exchange Server 2010, 2013 or 2016 and is prone to a remote security vulnerability. A flaw is present in the application, which fails to handle Outside In Image Export SDK component. Successful exploitation could allow attackers to exploit the vulnerability over ... oval:org.secpod.oval:def:46098 The host is installed with Microsoft Exchange Server 2010, 2013 or 2016 and is prone to a remote security vulnerability. A flaw is present in the application, which fails to handle Outside In Filters component. Successful exploitation could allow attackers to exploit the vulnerability over HTTP prot ... oval:org.secpod.oval:def:35603 The host is installed with Microsoft Exchange Server 2007, 2010, 2013 or 2016 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to handle a specially crafted content. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:35601 The host is installed with Microsoft Exchange Server 2007, 2010, 2013 or 2016 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to handle a specially crafted content. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:35602 The host is missing an important security update according to Microsoft security bulletin, MS16-079. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle a specially crafted content. Successful exploitation could allow attackers to e ... oval:org.secpod.oval:def:35599 The host is installed with Microsoft Exchange Server 2007, 2010, 2013 or 2016 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to handle a specially crafted content. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:37000 The host is installed with Microsoft Exchange Server 2007, 2010, 2013 or 2016 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly parse email messages. Successful exploitation could allow attackers to discover confidential user infor ... oval:org.secpod.oval:def:37003 The host is missing a critical security update according to Microsoft security bulletin, MS16-108. The update requires to fix multiple vulnerabilities. The flaws are present in the applications, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary co ... oval:org.secpod.oval:def:41258 The host is installed with Microsoft Exchange Server 2010, 2013 or 2016 and is prone to an open redirect vulnerability. A flaw is present in the application, which fails to properly handle a specially crafted URL. Successful exploitation could allow attackers to acquire sensitive information, such a ... oval:org.secpod.oval:def:41255 The host is missing a moderate severity security update KB4018588 oval:org.secpod.oval:def:45358 An information disclosure vulnerability exists when Microsoft Exchange improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the remote system. To exploit the vulnerability, an attacker would send a specially-cr ... oval:org.secpod.oval:def:45364 A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the System user. An attacker could then install programs; view ... oval:org.secpod.oval:def:47094 A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the System user. An attacker could then install programs; view ... oval:org.secpod.oval:def:57255 An elevation of privilege vulnerability exists in Microsoft Exchange Server. An attacker who successfully exploited this vulnerability could gain the same rights as any other user of the Exchange server. This could allow the attacker to perform activities such as accessing the mailboxes of other use ... oval:org.secpod.oval:def:49119 The host is installed with Microsoft Exchange Server 2010, 2013, 2016 or 2019 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle authentication requests. Successful exploitation could allow attackers to impersonate any other use ... oval:org.secpod.oval:def:50066 The host is installed with Microsoft Exchange Server 2010, 2013 or 2016 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle the PowerShell API. Successful exploitation could allow attackers to view additional details about the ... oval:org.secpod.oval:def:50611 The host is missing a security update for ADV190007 oval:org.secpod.oval:def:55366 The host is missing a security update for ADV190018. oval:org.secpod.oval:def:54148 A spoofing vulnerability exists in Microsoft Exchange Server when Outlook Web Access (OWA) fails to properly handle web requests. An attacker who successfully exploited the vulnerability could perform script or content injection attacks, and attempt to trick the user into disclosing sensitive inform ... oval:org.secpod.oval:def:50706 The host is installed with Microsoft Exchange Server 2010, 2013 or 2016 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to properly handle the Exchange Web Services (EWS) and Push Notifications. Successful exploitation allows attackers to ga ... oval:org.secpod.oval:def:50707 The host is installed with Microsoft Exchange Server 2010, 2013 or 2016 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to properly handle the Exchange Web Services (EWS) and Push Notifications. Successful exploitation allows attackers to ga ... oval:org.secpod.oval:def:50708 The host is missing a security update for ADV190004 oval:org.secpod.oval:def:61273 A remote code execution vulnerability exists in Microsoft Exchange Server when the server fails to properly create unique keys at install time. Knowledge of a the validation key allows an authenticated user with a mailbox to pass arbitrary objects to be deserialized by the web application, which run ... oval:org.secpod.oval:def:57245 An information disclosure vulnerability exists when Exchange allows creation of entities with Display Names having non-printable characters. An authenticated attacker could exploit this vulnerability by creating entities with invalid display names, which, when added to conversations, remain invisibl ... |
