Vulnerabilities > CVE-2000-0216 - Unspecified vulnerability in Microsoft Exchange Server, Outlook and Windows Messaging

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

microsoft

NVD

Published: 2000-02-29

Updated: 2008-09-10

Summary

Microsoft email clients in Outlook, Exchange, and Windows Messaging automatically respond to Read Receipt and Delivery Receipt tags, which could allow an attacker to flood a mail system with responses by forging a Read Receipt request that is redirected to a large distribution list.

Vulnerable Configurations

Part	Description	Count
Application	Microsoft Microsoft Exchange Server * Microsoft Outlook * Microsoft Windows Messaging *	3

References

http://archives.neohapsis.com/archives/ntbugtraq/2000-q1/0176.html