Page 39 of 238 results (0.007 seconds)

CVSS: 10.0EPSS: 96%CPEs: 4EXPL: 1

CVE-2007-0213 – Microsoft Exchange 2003 - base64-MIME Remote Code Execution

https://notcve.org/view.php?id=CVE-2007-0213

Microsoft Exchange Server 2000 SP3, 2003 SP1 and SP2, and 2007 does not properly decode certain MIME encoded e-mails, which allows remote attackers to execute arbitrary code via a crafted base64-encoded MIME e-mail message. Microsoft Exchange Server 2000 SP3, 2003 SP1 y SP2, y 2007 no decodifica apropiadamente correos electrónicos concretos con codificación MIME, lo cual permite a atacantes remotos ejecutar código de su elección mediante un mensaje de correo electrónico manipulado con codificación base64 MIME. • https://www.exploit-db.com/exploits/47076 http://packetstormsecurity.com/files/153533/Microsoft-Exchange-2003-base64-MIME-Remote-Code-Execution.html http://secunia.com/advisories/25183 http://www.kb.cert.org/vuls/id/343145 http://www.osvdb.org/34391 http://www.securityfocus.com/archive/1/468871/100/200/threaded http://www.securityfocus.com/bid/23809 http://www.securitytracker.com/id?1018015 http://www.us-cert.gov/cas/techalerts/TA07-128A.html http://www.vupen.com/english& • CWE-20: Improper Input Validation •

CVSS: 7.5EPSS: 0%CPEs: 18EXPL: 0

CVE-2006-7034

https://notcve.org/view.php?id=CVE-2006-7034

SQL injection vulnerability in directory.php in Super Link Exchange Script 1.0 might allow remote attackers to execute arbitrary SQL queries via the cat parameter. Vulnerabilidad de inyección SQL en directory.php en Super Link Exchange Script 1.0 podría permitir a atacantes remotos ejecutar consultas SQL de su elección a través del parámetro cat. • http://securityreason.com/securityalert/2285 http://www.securityfocus.com/archive/1/435166/30/4680/threaded https://exchange.xforce.ibmcloud.com/vulnerabilities/26720 •

CVSS: 2.6EPSS: 94%CPEs: 3EXPL: 1

CVE-2006-1193 – Microsoft Exchange Server 2000/2003 - Outlook Web Access Script Injection

https://notcve.org/view.php?id=CVE-2006-1193

Cross-site scripting (XSS) vulnerability in Microsoft Exchange Server 2000 SP1 through SP3, when running Outlook Web Access (OWA), allows user-assisted remote attackers to inject arbitrary HTML or web script via unknown vectors related to "HTML parsing." • https://www.exploit-db.com/exploits/28005 http://lists.grok.org.uk/pipermail/full-disclosure/2006-June/046892.html http://secunia.com/advisories/20634 http://securitytracker.com/id?1016280 http://www.kb.cert.org/vuls/id/138188 http://www.osvdb.org/26441 http://www.sec-consult.com/fileadmin/Advisories/20060613-0_owa_xss_noexploit.txt http://www.securityfocus.com/bid/18381 http://www.us-cert.gov/cas/techalerts/TA06-164A.html http://www.vupen.com/english/advisories/2 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.5EPSS: 97%CPEs: 3EXPL: 0

CVE-2006-0027 – MS06-019 Exchange MODPROP Heap Overflow

https://notcve.org/view.php?id=CVE-2006-0027

Unspecified vulnerability in Microsoft Exchange allows remote attackers to execute arbitrary code via e-mail messages with crafted (1) vCal or (2) iCal Calendar properties. • http://secunia.com/advisories/20029 http://securitytracker.com/id?1016048 http://www.kb.cert.org/vuls/id/303452 http://www.osvdb.org/25338 http://www.securityfocus.com/bid/17908 http://www.us-cert.gov/cas/techalerts/TA06-129A.html http://www.vupen.com/english/advisories/2006/1743 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-019 https://exchange.xforce.ibmcloud.com/vulnerabilities/25556 https://oval.cisecurity.org/repository/search/definition/ov •

CVSS: 7.5EPSS: 93%CPEs: 16EXPL: 0

CVE-2006-0002

https://notcve.org/view.php?id=CVE-2006-0002

Unspecified vulnerability in Microsoft Outlook 2000 through 2003, Exchange 5.0 Server SP2 and 5.5 SP4, Exchange 2000 SP3, and Office allows remote attackers to execute arbitrary code via an e-mail message with a crafted Transport Neutral Encapsulation Format (TNEF) MIME attachment, related to message length validation. • http://secunia.com/advisories/18368 http://securityreason.com/securityalert/330 http://securityreason.com/securityalert/331 http://securitytracker.com/id?1015460 http://securitytracker.com/id?1015461 http://support.avaya.com/elmodocs2/security/ASA-2006-004.htm http://www.kb.cert.org/vuls/id/252146 http://www.securityfocus.com/archive/1/421518/100/0/threaded http://www.securityfocus.com/archive/1/421520/100/0/threaded http://www.securityfocus.com/bid/16197 http://www.us- •