[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

96174

 
 

909

 
 

78077

 
 

109

Paid content will be excluded from the download.


Download | Alert*
OVAL

Privilege Elevation Vulnerabilities in Outlook Web Access for Exchange Server - MS08-039

ID: oval:org.secpod.oval:def:3298Date: (C)2011-11-29   (M)2017-10-04
Class: PATCHFamily: windows




The host is missing an important security update according to Microsoft security bulletin, MS08-039. The update is required to fix privilege elevation vulnerabilities. The flaws are present in Outlook Web Access (OWA) for Microsoft Exchange Server, which fails to handle OWA client's session data. Successful exploitation allows an attackers to perform any action the user could perform from within the individual client's OWA session.

Platform:
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Vista
Microsoft Windows XP
Product:
Microsoft Exchange Server 2003
Microsoft Exchange Server 2007
Reference:
MS08-039
CVE-2008-2247
CVE-2008-2248
CVE    2
CVE-2008-2248
CVE-2008-2247
CPE    3
cpe:/a:microsoft:exchange_server:2007:sp1
cpe:/a:microsoft:exchange_server:2003:sp2
cpe:/a:microsoft:exchange_server:2007
XCCDF    6
xccdf_com.secpod_benchmark_microsoft-windows-7
xccdf_com.secpod_benchmark_microsoft-windows-vista
xccdf_com.secpod_benchmark_microsoft-windows-server-2008
xccdf_com.secpod_benchmark_microsoft-windows-xp
...

© 2013 SecPod Technologies