Search Results (Refine Search)
- CPE Product Version: cpe:/a:microsoft:exchange_server:2013:cumulative_update_12
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2019-1137 |
A cross-site-scripting (XSS) vulnerability exists when Microsoft Exchange Server does not properly sanitize a specially crafted web request to an affected Exchange server, aka 'Microsoft Exchange Server Spoofing Vulnerability'. Published: July 15, 2019; 3:15:21 PM -0400 |
V3.1: 5.4 MEDIUM V2.0: 3.5 LOW |
CVE-2019-1136 |
An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka 'Microsoft Exchange Server Elevation of Privilege Vulnerability'. Published: July 15, 2019; 3:15:21 PM -0400 |
V3.0: 8.1 HIGH V2.0: 5.1 MEDIUM |
CVE-2016-3378 |
Open redirect vulnerability in Microsoft Exchange Server 2013 SP1, 2013 Cumulative Update 12, 2013 Cumulative Update 13, 2016 Cumulative Update 1, and 2016 Cumulative Update 2 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted URL, aka "Microsoft Exchange Open Redirect Vulnerability." Published: September 14, 2016; 6:59:52 AM -0400 |
V3.0: 7.4 HIGH V2.0: 5.8 MEDIUM |
CVE-2016-0138 |
Microsoft Exchange Server 2007 SP3, 2010 SP3, 2013 SP1, 2013 Cumulative Update 12, 2013 Cumulative Update 13, 2016 Cumulative Update 1, and 2016 Cumulative Update 2 misparses e-mail messages, which allows remote authenticated users to obtain sensitive Outlook application information by leveraging the Send As right, aka "Microsoft Exchange Information Disclosure Vulnerability." Published: September 14, 2016; 6:59:02 AM -0400 |
V3.0: 4.3 MEDIUM V2.0: 4.0 MEDIUM |
CVE-2016-0028 |
Outlook Web Access (OWA) in Microsoft Exchange Server 2013 SP1, Cumulative Update 11, and Cumulative Update 12 and 2016 Gold and Cumulative Update 1 does not properly restrict loading of IMG elements, which makes it easier for remote attackers to track users via a crafted HTML e-mail message, aka "Microsoft Exchange Information Disclosure Vulnerability." Published: June 15, 2016; 9:59:03 PM -0400 |
V3.0: 5.5 MEDIUM V2.0: 4.3 MEDIUM |