Download
| Alert*
|
oval:org.secpod.oval:def:50069
The host is missing an important security update KB4468742 oval:org.secpod.oval:def:50705 The host is missing an important security update for KB4487052 oval:org.secpod.oval:def:46094 The host is missing a moderate severity security update for KB4295699 oval:org.secpod.oval:def:54144 The host is missing an important security update KB4491413 oval:org.secpod.oval:def:14829 Microsoft Exchange Server 2010 SP3 is installed oval:org.secpod.oval:def:57252 The host is missing an important security update for KB4509410. oval:org.secpod.oval:def:67659 The host is installed with Microsoft Exchange Server products and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle improper validation of cmdlet arguments. Successful exploitation could allow an attacker to obtain sensitive information. oval:org.secpod.oval:def:67660 The host is missing an important security update for KB4593467. oval:org.secpod.oval:def:61274 The host is missing an important security update for KB4536989. oval:org.secpod.oval:def:55365 The host is missing a security update KB4503028. oval:org.secpod.oval:def:14831 The host is installed with Microsoft Exchange Server 2007, 2010 or 2013 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle a crafted file. Successful exploitation could allow attackers to run code on the affected Exchange Server. oval:org.secpod.oval:def:14832 The host is missing a critical security update according to Microsoft security bulletin, MS13-061. The update is required to fix a remote code execution vulnerability. A flaw is present in the application, which fails to handle a crafted file. Successful exploitation could allow attackers to run cod ... oval:org.secpod.oval:def:14830 The host is installed with Microsoft Exchange Server 2007, 2010 or 2013 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle a crafted file. Successful exploitation could allow attackers to run code on the affected Exchange Server. oval:org.secpod.oval:def:14828 The host is installed with Microsoft Exchange Server 2007, 2010 or 2013 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle a crafted file. Successful exploitation could allow attackers to run code on the affected Exchange Server. oval:org.secpod.oval:def:15688 The host is installed with Microsoft Windows SharePoint Services 2.0, 3.0 SP3, SharePoint Server 2007 SP3, SharePoint Foundation 2010 SP1, SP2, SharePoint Server 2010 SP1, SP2, Exchange Server 2007, Exchange Server 2010, or Exchange Server 2013 and is prone to remote code execution vulnerability. A ... oval:org.secpod.oval:def:16208 The host is installed with Exchange Server 2007, Exchange Server 2010, or Exchange Server 2013 and is prone an OWA xss vulnerability. A flaw is present in the application, which fails to handle a specially crafted data. Successful exploitation could allow attackers to run script in the context of th ... oval:org.secpod.oval:def:16209 The host is missing a critical security update according to Microsoft security bulletin, MS13-105. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle a specially crafted file. Successful exploitation could allow attackers to execut ... oval:org.secpod.oval:def:16206 The host is installed with Exchange Server 2010 or Exchange Server 2013 and is prone to cross-site scripting (XSS) vulnerability. A flaw is present in the application, which fails to handle a crafted URL. Successful exploitation could allow attackers to inject arbitrary web script or HTML. oval:org.secpod.oval:def:16207 The host is installed with Exchange Server 2007, Exchange Server 2010, or Exchange Server 2013 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to handle a specially crafted file. Successful exploitation could allow attackers to execute arbitrary code o ... oval:org.secpod.oval:def:21884 The host is installed with Microsoft Exchange Server 2007, 2010 or 2013 and is prone to a token spoofing vulnerability. A flaw is present in the applications, which fail to handle a specially crafted content. Successful exploitation could allow attackers to send email that appears to come from an us ... oval:org.secpod.oval:def:21881 The host is missing an important security update according to Microsoft bulletin, MS14-075. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to handle a specially crafted content, properly validate redirection tokens or improperly validate ... oval:org.secpod.oval:def:46097 The host is installed with Microsoft Exchange Server 2010, 2013 or 2016 and is prone to a remote security vulnerability. A flaw is present in the application, which fails to handle Outside In Filters component. Successful exploitation could allow attackers to exploit the vulnerability over HTTP prot ... oval:org.secpod.oval:def:46099 The host is installed with Microsoft Exchange Server 2010, 2013 or 2016 and is prone to a remote security vulnerability. A flaw is present in the application, which fails to handle Outside In Image Export SDK component. Successful exploitation could allow attackers to exploit the vulnerability over ... oval:org.secpod.oval:def:46098 The host is installed with Microsoft Exchange Server 2010, 2013 or 2016 and is prone to a remote security vulnerability. A flaw is present in the application, which fails to handle Outside In Filters component. Successful exploitation could allow attackers to exploit the vulnerability over HTTP prot ... oval:org.secpod.oval:def:35599 The host is installed with Microsoft Exchange Server 2007, 2010, 2013 or 2016 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to handle a specially crafted content. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:35603 The host is installed with Microsoft Exchange Server 2007, 2010, 2013 or 2016 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to handle a specially crafted content. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:35601 The host is installed with Microsoft Exchange Server 2007, 2010, 2013 or 2016 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to handle a specially crafted content. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:35602 The host is missing an important security update according to Microsoft security bulletin, MS16-079. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle a specially crafted content. Successful exploitation could allow attackers to e ... oval:org.secpod.oval:def:37000 The host is installed with Microsoft Exchange Server 2007, 2010, 2013 or 2016 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly parse email messages. Successful exploitation could allow attackers to discover confidential user infor ... oval:org.secpod.oval:def:37003 The host is missing a critical security update according to Microsoft security bulletin, MS16-108. The update requires to fix multiple vulnerabilities. The flaws are present in the applications, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary co ... oval:org.secpod.oval:def:41258 The host is installed with Microsoft Exchange Server 2010, 2013 or 2016 and is prone to an open redirect vulnerability. A flaw is present in the application, which fails to properly handle a specially crafted URL. Successful exploitation could allow attackers to acquire sensitive information, such a ... oval:org.secpod.oval:def:41255 The host is missing a moderate severity security update KB4018588 oval:org.secpod.oval:def:45358 An information disclosure vulnerability exists when Microsoft Exchange improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the remote system. To exploit the vulnerability, an attacker would send a specially-cr ... oval:org.secpod.oval:def:45364 A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the System user. An attacker could then install programs; view ... oval:org.secpod.oval:def:47094 A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the System user. An attacker could then install programs; view ... oval:org.secpod.oval:def:57255 An elevation of privilege vulnerability exists in Microsoft Exchange Server. An attacker who successfully exploited this vulnerability could gain the same rights as any other user of the Exchange server. This could allow the attacker to perform activities such as accessing the mailboxes of other use ... oval:org.secpod.oval:def:50066 The host is installed with Microsoft Exchange Server 2010, 2013 or 2016 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle the PowerShell API. Successful exploitation could allow attackers to view additional details about the ... oval:org.secpod.oval:def:49119 The host is installed with Microsoft Exchange Server 2010, 2013, 2016 or 2019 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to properly handle authentication requests. Successful exploitation could allow attackers to impersonate any other use ... oval:org.secpod.oval:def:55366 The host is missing a security update for ADV190018. oval:org.secpod.oval:def:54148 A spoofing vulnerability exists in Microsoft Exchange Server when Outlook Web Access (OWA) fails to properly handle web requests. An attacker who successfully exploited the vulnerability could perform script or content injection attacks, and attempt to trick the user into disclosing sensitive inform ... oval:org.secpod.oval:def:50706 The host is installed with Microsoft Exchange Server 2010, 2013 or 2016 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to properly handle the Exchange Web Services (EWS) and Push Notifications. Successful exploitation allows attackers to ga ... oval:org.secpod.oval:def:50707 The host is installed with Microsoft Exchange Server 2010, 2013 or 2016 and is prone to an elevation of privilege vulnerability. A flaw is present in the application, which fails to properly handle the Exchange Web Services (EWS) and Push Notifications. Successful exploitation allows attackers to ga ... oval:org.secpod.oval:def:50708 The host is missing a security update for ADV190004 oval:org.secpod.oval:def:50611 The host is missing a security update for ADV190007 oval:org.secpod.oval:def:61273 A remote code execution vulnerability exists in Microsoft Exchange Server when the server fails to properly create unique keys at install time. Knowledge of a the validation key allows an authenticated user with a mailbox to pass arbitrary objects to be deserialized by the web application, which run ... oval:org.secpod.oval:def:57245 An information disclosure vulnerability exists when Exchange allows creation of entities with Display Names having non-printable characters. An authenticated attacker could exploit this vulnerability by creating entities with invalid display names, which, when added to conversations, remain invisibl ... |
