National Vulnerability Database

National Vulnerability Database

National Vulnerability

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/a:microsoft:exchange_server:2010:sp1
There are 6 matching records.
Vuln ID Summary CVSS Severity

An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka "Microsoft Exchange Server Elevation of Privilege Vulnerability." This affects Microsoft Exchange Server.

Published: November 13, 2018; 08:29:01 PM -05:00
V3.0: 7.4 HIGH
    V2: 5.8 MEDIUM

Microsoft Exchange Server 2007 SP3 and 2010 SP1 and SP2 allows remote authenticated users to cause a denial of service (Information Store service hang) by subscribing to a crafted RSS feed, aka "RSS Feed May Cause Exchange DoS Vulnerability."

Published: December 11, 2012; 07:55:01 PM -05:00
    V2: 3.5 LOW

The (1) install and (2) upgrade processes in EMC NetWorker Module for Microsoft Applications (NMM) 2.2.1, 2.3 before build 122, and 2.4 before build 375, when Exchange Server is used, allow local users to read cleartext administrator credentials via unspecified vectors.

Published: October 18, 2012; 01:55:01 PM -04:00
    V2: 2.1 LOW

The BlackBerry Collaboration Service in Research In Motion (RIM) BlackBerry Enterprise Server (BES) 5.0.3 through MR4 for Microsoft Exchange and Lotus Domino allows remote authenticated users to log into arbitrary user accounts associated with the same organization, and send messages, read messages, read contact lists, or cause a denial of service (login unavailability), via unspecified vectors.

Published: October 21, 2011; 06:55:03 AM -04:00
    V2: 6.5 MEDIUM

Microsoft email clients in Outlook, Exchange, and Windows Messaging automatically respond to Read Receipt and Delivery Receipt tags, which could allow an attacker to flood a mail system with responses by forging a Read Receipt request that is redirected to a large distribution list.

Published: February 29, 2000; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM

The installation of 1ArcServe Backup and Inoculan AV client modules for Exchange create a log file, exchverify.log, which contains usernames and passwords in plaintext.

Published: November 12, 1998; 12:00:00 AM -05:00
    V2: 4.6 MEDIUM