Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Exchange_server
(Microsoft)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 216 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 1999-12-31 | CVE-1999-1043 | Microsoft Exchange Server 5.5 and 5.0 does not properly handle (1) malformed NNTP data, or (2) malformed SMTP data, which allows remote attackers to cause a denial of service (application error). | Exchange_server | N/A | ||
| 1998-12-01 | CVE-1999-0385 | The LDAP bind function in Exchange 5.5 has a buffer overflow that allows a remote attacker to conduct a denial of service or execute commands. | Exchange_server | N/A | ||
| 1998-06-26 | CVE-1999-0007 | Information from SSL-encrypted sessions via PKCS #1. | Stonghold_web_server, Open_market_secure_webserver, Exchange_server, Internet_information_server, Site_server, Certificate_server, Collabra_server, Directory_server, Enterprise_server, Fasttrack_server, Messaging_server, Proxy_server, Ssleay | N/A | ||
| 2019-11-12 | CVE-2019-1373 | A remote code execution vulnerability exists in Microsoft Exchange through the deserialization of metadata via PowerShell, aka 'Microsoft Exchange Remote Code Execution Vulnerability'. | Exchange_server | N/A | ||
| 2019-03-05 | CVE-2019-0724 | An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka 'Microsoft Exchange Server Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0686. | Exchange_server | N/A | ||
| 2019-09-11 | CVE-2019-1233 | A denial of service vulnerability exists in Microsoft Exchange Server software when the software fails to properly handle objects in memory, aka 'Microsoft Exchange Denial of Service Vulnerability'. | Exchange_server | N/A | ||
| 2019-09-11 | CVE-2019-1266 | A spoofing vulnerability exists in Microsoft Exchange Server when Outlook Web App (OWA) fails to properly handle web requests, aka 'Microsoft Exchange Spoofing Vulnerability'. | Exchange_server | N/A | ||
| 2019-07-15 | CVE-2019-1136 | An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka 'Microsoft Exchange Server Elevation of Privilege Vulnerability'. | Exchange_server | 8.1 | ||
| 2013-12-11 | CVE-2013-5072 | Cross-site scripting (XSS) vulnerability in Outlook Web Access in Microsoft Exchange Server 2010 SP2 and SP3 and 2013 Cumulative Update 2 and 3 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "OWA XSS Vulnerability." | Exchange_server | N/A | ||
| 2012-12-12 | CVE-2012-4791 | Microsoft Exchange Server 2007 SP3 and 2010 SP1 and SP2 allows remote authenticated users to cause a denial of service (Information Store service hang) by subscribing to a crafted RSS feed, aka "RSS Feed May Cause Exchange DoS Vulnerability." | Exchange_server | N/A |