Vulnerabilities > Microsoft > Exchange Server > 5.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-01-10 | CVE-2006-0002 | Remote Code Execution vulnerability in Microsoft Outlook / Microsoft Exchange TNEF Decoding Unspecified vulnerability in Microsoft Outlook 2000 through 2003, Exchange 5.0 Server SP2 and 5.5 SP4, Exchange 2000 SP3, and Office allows remote attackers to execute arbitrary code via an e-mail message with a crafted Transport Neutral Encapsulation Format (TNEF) MIME attachment, related to message length validation. | 7.5 |
| 2005-05-02 | CVE-2005-0044 | Unspecified vulnerability in Microsoft products The OLE component in Windows 98, 2000, XP, and Server 2003, and Exchange Server 5.0 through 2003, does not properly validate the lengths of messages for certain OLE data, which allows remote attackers to execute arbitrary code, aka the "Input Validation Vulnerability." | 7.5 |
| 2001-09-20 | CVE-2001-0509 | Improper Input Validation vulnerability in Microsoft products Vulnerabilities in RPC servers in (1) Microsoft Exchange Server 2000 and earlier, (2) Microsoft SQL Server 2000 and earlier, (3) Windows NT 4.0, and (4) Windows 2000 allow remote attackers to cause a denial of service via malformed inputs. | 5.0 |
| 2000-06-05 | CVE-2000-0524 | Unspecified vulnerability in Microsoft Exchange Server and Outlook Microsoft Outlook and Outlook Express allow remote attackers to cause a denial of service by sending email messages with blank fields such as BCC, Reply-To, Return-Path, or From. | 5.0 |
| 1999-12-31 | CVE-1999-1043 | Unspecified vulnerability in Microsoft Exchange Server 5.0/5.5 Microsoft Exchange Server 5.5 and 5.0 does not properly handle (1) malformed NNTP data, or (2) malformed SMTP data, which allows remote attackers to cause a denial of service (application error). | 5.0 |
| 1999-12-13 | CVE-1999-0993 | Improper Initialization vulnerability in Microsoft Exchange Server 5.0/5.5 Modifications to ACLs (Access Control Lists) in Microsoft Exchange 5.5 do not take effect until the directory store cache is refreshed. | 7.5 |
| 1998-01-01 | CVE-1999-0284 | Classic Buffer Overflow vulnerability in multiple products Denial of service to NT mail servers including Ipswitch, Mdaemon, and Exchange through a buffer overflow in the SMTP HELO command. | 7.5 |