OWA Message Attachment HTML Code Execution Vulnerability

OWA Message Attachment HTML Code Execution Vulnerability

CVE-2001-0340 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

An interaction between the Outlook Web Access (OWA) service in Microsoft Exchange 2000 Server and Internet Explorer allows attackers to execute malicious script code against a user's mailbox via a message attachment that contains HTML code, which is executed automatically.

Learn more about our Cis Benchmark Audit For Microsoft Exchange Server.