Microsoft Exchange Server Multiple Vulnerabilities

Last Update Date: 15 Aug 2012 16:59 Release Date: 15 Aug 2012 4612 Views

RISK: High Risk

High Risk

TYPE: Servers - Other Servers

TYPE: Other Servers

Remote code execution vulnerabilities exist in Microsoft Exchange Server through the WebReady Document Viewing feature. These vulnerabilities could allow remote code execution as Local System if a user views a specially crafted file through Outlook Web Access in a browser. An attacker who successfully exploited the vulnerabilities could run code on the affected server, but only as LocalService. The LocalService account has minimum privileges on the local computer and presents anonymous credentials on the network.

Impact

  • Remote Code Execution

System / Technologies affected

  • Microsoft Exchange Server 2007
  • Microsoft Exchange Server 2010

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Vulnerability Identifier

Source

Related Link

Share with

Previous

Microsoft Windows JavaScript Integer Overflow Remote Code Execution Vulnerability

15 Aug 2012 4783 Views

Next

Microsoft Visio DXF File Format Buffer Overflow Vulnerability

15 Aug 2012 4687 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY