Privilege Elevation Vulnerabilities in Outlook Web Access for Exchange Server - MS08-039ID: oval:org.secpod.oval:def:3298 | Date: (C)2011-11-29 (M)2022-03-15 |
Class: PATCH | Family: windows |
The host is missing an important security update according to Microsoft security bulletin, MS08-039. The update is required to fix privilege elevation vulnerabilities. The flaws are present in Outlook Web Access (OWA) for Microsoft Exchange Server, which fails to handle OWA client's session data. Successful exploitation allows an attackers to perform any action the user could perform from within the individual client's OWA session.
Platform: |
Microsoft Windows 7 |
Microsoft Windows Server 2003 |
Microsoft Windows Server 2008 |
Microsoft Windows Vista |
Microsoft Windows XP |
Product: |
Microsoft Exchange Server 2003 |
Microsoft Exchange Server 2007 |