Download
| Alert*
oval:org.secpod.oval:def:3298
The host is missing an important security update according to Microsoft security bulletin, MS08-039. The update is required to fix privilege elevation vulnerabilities. The flaws are present in Outlook Web Access (OWA) for Microsoft Exchange Server, which fails to handle OWA client's session data. Su ... oval:org.secpod.oval:def:3299 The host is missing a critical security update according to Microsoft security bulletin, MS09-003. The update is required to fix remote code execution vulnerabilities. The flaws are present in the Microsoft Exchange Server , which fails to handle a specially crafted TNEF message. Successful exploita ... oval:org.mitre.oval:def:5695 Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) for Exchange Server 2003 SP2 allows remote attackers to inject arbitrary web script or HTML via unspecified HTML, a different vulnerability than CVE-2008-2247. oval:org.mitre.oval:def:6114 Microsoft Exchange 2000 Server SP3, Exchange Server 2003 SP2, and Exchange Server 2007 SP1 do not properly interpret Transport Neutral Encapsulation (TNEF) properties, which allows remote attackers to execute arbitrary code via a crafted TNEF message, aka "Memory Corruption Vulnerability." oval:org.mitre.oval:def:5577 Exchange Server 2007 SP1 is installed. |