CVSS: 5.5EPSS: 0%CPEs: 55EXPL: 0CVE-2015-7404
https://notcve.org/view.php?id=CVE-2015-7404
14 Nov 2015 — IBM Tivoli Storage Manager for Databases: Data Protection for Microsoft SQL Server (aka Spectrum Protect for Databases) 5.5 before 5.5.6.2, 6.3 before 6.3.1.6, 6.4 before 6.4.1.8, and 7.1 before 7.1.4; Tivoli Storage Manager for Mail: Data Protection for Microsoft Exchange Server (aka Spectrum Protect for Mail) 5.5 before 5.5.1.1, 6.1 and 6.3 before 6.3.1.6, 6.4 before 6.4.1.8, and 7.1 before 7.1.4; and Tivoli Storage FlashCopy Manager for Windows (aka Spectrum Protect Snapshot) 2.x and 3.1 before 3.1.1.6, ... • http://www-01.ibm.com/support/docview.wss?uid=swg1IT11349 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.8EPSS: 56%CPEs: 16EXPL: 0CVE-2006-0002
https://notcve.org/view.php?id=CVE-2006-0002
10 Jan 2006 — Unspecified vulnerability in Microsoft Outlook 2000 through 2003, Exchange 5.0 Server SP2 and 5.5 SP4, Exchange 2000 SP3, and Office allows remote attackers to execute arbitrary code via an e-mail message with a crafted Transport Neutral Encapsulation Format (TNEF) MIME attachment, related to message length validation. • http://secunia.com/advisories/18368 •
CVSS: 6.1EPSS: 32%CPEs: 1EXPL: 0CVE-2005-0563
https://notcve.org/view.php?id=CVE-2005-0563
14 Jun 2005 — Cross-site scripting (XSS) vulnerability in Microsoft Outlook Web Access (OWA) component in Exchange Server 5.5 allows remote attackers to inject arbitrary web script or HTML via an email message with an encoded javascript: URL ("javAsc ript:") in an IMG tag. Una vulnerabilidad de Cross-Site Scripting (XSS) en el componente Microsoft Outlook Web Access (OWA) en Exchange Server 5.5 permite que los atacantes remotos inyecten scripts web o HTML arbitrarios mediante un mensaje de correo electrónico co... • http://secunia.com/advisories/15697 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 25%CPEs: 5EXPL: 0CVE-2004-0203
https://notcve.org/view.php?id=CVE-2004-0203
12 Aug 2004 — Cross-site scripting (XSS) vulnerability in Outlook Web Access for Exchange Server 5.5 Service Pack 4 allows remote attackers to insert arbitrary script and spoof content in HTML email or web caches via an HTML redirect query. Vulnerabilidad de secuencias de comandos en sitios cruzados en Outlook Web Access de Exchange Server 5.5 Service Pack 4 permite a atacantes remotos la inserción de rutinas arbitrarias y falsificar el contenido de correos HTML o cachés web mediante petición HTML redirigida. • http://www.kb.cert.org/vuls/id/948750 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 24%CPEs: 5EXPL: 0CVE-2003-0712
https://notcve.org/view.php?id=CVE-2003-0712
17 Oct 2003 — Cross-site scripting (XSS) vulnerability in the HTML encoding for the Compose New Message form in Microsoft Exchange Server 5.5 Outlook Web Access (OWA) allows remote attackers to execute arbitrary web script. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en la codificación HTML en el formulario Componer Nuevo Mensaje en Microsoft Exchange Server 5.5 Outolook Web Access (OWA) permite a atacantes remotos ejecutar script web arbitrario. • http://marc.info/?l=bugtraq&m=106631918405915&w=2 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 67%CPEs: 9EXPL: 3CVE-2003-0714 – Microsoft Exchange Server 2000 - XEXCH50 Heap Overflow (PoC) (MS03-046)
https://notcve.org/view.php?id=CVE-2003-0714
17 Oct 2003 — The Internet Mail Service in Exchange Server 5.5 and Exchange 2000 allows remote attackers to cause a denial of service (memory exhaustion) by directly connecting to the SMTP service and sending a certain extended verb request, possibly triggering a buffer overflow in Exchange 2000. El servicio de correo de Internet en Exchange Server 5.5 y Exchange 2000 permite a atacantes remotos causar una denegación de servicio (consumición de memoria) conectándose directamente al servicio SMTP y enviando una cierta pet... • https://www.exploit-db.com/exploits/113 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.0EPSS: 19%CPEs: 5EXPL: 2CVE-2002-1790 – Microsoft IIS 4.0/5.0 - SMTP Service Encapsulated SMTP Address (MS99-027)
https://notcve.org/view.php?id=CVE-2002-1790
31 Dec 2002 — The SMTP service in Microsoft Internet Information Services (IIS) 4.0 and 5.0 allows remote attackers to bypass anti-relaying rules and send spam or spoofed messages via encapsulated SMTP addresses, a similar vulnerability to CVE-1999-0682. • https://www.exploit-db.com/exploits/21613 •
CVSS: 9.8EPSS: 17%CPEs: 5EXPL: 0CVE-2002-0698
https://notcve.org/view.php?id=CVE-2002-0698
12 Aug 2002 — Buffer overflow in Internet Mail Connector (IMC) for Microsoft Exchange Server 5.5 allows remote attackers to execute arbitrary code via an EHLO request from a system with a long name as obtained through a reverse DNS lookup, which triggers the overflow in IMC's hello response. Desbordamiento de búfer en Internet Mail Connector (IMC) para Microsoft Exchange Server 5.5 permite que atacantes remotos ejecuten código arbitrario por medio de una petición EHLO desde un sistema con un nombre largo obtenido por bús... • http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=20759 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.1EPSS: 1%CPEs: 9EXPL: 0CVE-2002-0507
https://notcve.org/view.php?id=CVE-2002-0507
11 Jun 2002 — An interaction between Microsoft Outlook Web Access (OWA) with RSA SecurID allows local users to bypass the SecurID authentication for a previous user via several submissions of an OWA Authentication request with the proper OWA password for the previous user, which is eventually accepted by OWA. Una interacción entre Microsoft Outlook Web Access (OWA) con RSA SecurID permite a usuarios locales evitar la autenticación SecurID para un usuario anterior mediante varios envios de una petición de autenticación OW... • http://online.securityfocus.com/archive/1/264705 • CWE-287: Improper Authentication •
CVSS: 9.8EPSS: 8%CPEs: 8EXPL: 0CVE-2002-0054
https://notcve.org/view.php?id=CVE-2002-0054
08 Mar 2002 — SMTP service in (1) Microsoft Windows 2000 and (2) Internet Mail Connector (IMC) in Exchange Server 5.5 does not properly handle responses to NTLM authentication, which allows remote attackers to perform mail relaying via an SMTP AUTH command using null session credentials. El servicio SMTP enMicrosoft Windows 2000 y Internet Mail Connector (IMC) en Exchange Server 5.5no maneja adecuadamente respuestas a autenticación NTLM, lo que permite a atacantes remotos hacer reenvío de correo mediante el servidor. • http://marc.info/?l=bugtraq&m=101501580409373&w=2 • CWE-294: Authentication Bypass by Capture-replay •