Download
| Alert*
oval:org.secpod.oval:def:24830
Microsoft Exchange Server 2013 Cumulative Update 8 is installed oval:org.secpod.oval:def:24831 The host is installed with Exchange Server 2013, CU8 or SP1 and is prone to an Exchange Server-Side request forgery vulnerability. A flaw is present in the application, which fails to properly manage same-origin policy. Successful exploitation could allow attackers to disclose sensitive information. oval:org.secpod.oval:def:24832 The host is installed with Exchange Server 2013, CU8 or SP1 and is prone to an Exchange Cross-Site request forgery vulnerability. A flaw is present in the application, which fails to properly manage user sessions. Successful exploitation could allow attackers to read content that the attacker is not ... oval:org.secpod.oval:def:24833 The host is installed with Exchange Server 2013 CU8 and is prone to an Exchange HTML injection vulnerability. A flaw is present in the application, which fails to properly handle a specially crafted script to a target site that uses HTML sanitization. Successful exploitation could allow attackers to ... oval:org.secpod.oval:def:24834 The host is missing an important secuirity update according to Microsoft security bulletin, MS15-064. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle a specially crafted data. Successful exploitation could allow attacke ... oval:org.secpod.oval:def:26530 The host is installed with Exchange Server 2013, CU8 or CU9 and is prone to a spoofing vulnerability. A flaw is present in the application, which fails to properly sanitize specially crafted email. Successful exploitation could allow attackers to perform HTML injection attacks on affected systems. oval:org.secpod.oval:def:26531 The host is missing an important security update according to Microsoft security bulletin, MS15-103. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly sanitize specially crafted email. Successful exploitation could allow attacke ... oval:org.secpod.oval:def:26527 The host is installed with Exchange Server 2013, CU8, CU9 or SP1 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle web requests. Successful exploitation could allow attackers to disclose stacktrace details. oval:org.secpod.oval:def:26529 The host is installed with Exchange Server CU8 or CU9 and is prone to a spoofing vulnerability. A flaw is present in the application, which fails to properly sanitize specially crafted email. Successful exploitation could allow attackers to perform HTML injection attacks on affected systems. |