Microsoft Exchange Server Multiple Vulnerabilities( 11 February 2009 )

Last Update Date: 28 Jan 2011 Release Date: 11 Feb 2009 4502 Views

RISK: Medium Risk

Medium Risk

1. Memory Corruption Vulnerability

A remote code execution vulnerability exists in the way Microsoft Exchange Server decodes the Transport Neutral Encapsulation Format (TNEF) data for a message.

2. Literal Processing Vulnerability

A denial of service vulnerability exists in the EMSMDB2 (Electronic Messaging System Microsoft Data Base, 32 bit build) provider because of the way it handles invalid MAPI commands. An attacker could exploit the vulnerability by sending a specially crafted MAPI command to the application using the EMSMDB32 provider. An attacker who successfully exploited this vulnerability could cause the application to stop responding.

Impact

  • Remote Code Execution

System / Technologies affected

  • Microsoft Exchange 2000 Server
  • Microsoft Exchange Server 2003
  • Microsoft Exchange Server 2007
  • Microsoft Exchange Server MAPI Client and Collaboration Data Objects 1.2.1

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Download locations for this patch

Vulnerability Identifier

Source

Related Link

Share with

Previous

Microsoft SQL Server sp_replwritetovarbin Limited Memory Overwrite Vulnerability( 11 February 2009 )

11 Feb 2009 4580 Views

Next

BlackBerry Application Web Loader ActiveX Control Buffer Overflow Vulnerability

11 Feb 2009 4754 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY