Vulnerabilities > CVE-2001-0726 - Unspecified vulnerability in Microsoft Exchange Server 5.5

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

microsoft

NVD

Published: 2001-12-06

Updated: 2020-04-09

Summary

Outlook Web Access (OWA) in Microsoft Exchange 5.5 Server, when used with Internet Explorer, does not properly detect certain inline script, which can allow remote attackers to perform arbitrary actions on a user's Exchange mailbox via an HTML e-mail message.

Vulnerable Configurations

Part	Description	Count
Application	Microsoft Microsoft Exchange Server 5.5	1

References

http://www.osvdb.org/5557
http://www.securityfocus.com/bid/3650
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-057
https://exchange.xforce.ibmcloud.com/vulnerabilities/7663