Arbitrary Action Vulnerability in Outlook Web Access (OWA) for Microsoft Exchange 5.5 Server

Arbitrary Action Vulnerability in Outlook Web Access (OWA) for Microsoft Exchange 5.5 Server

CVE-2001-0726 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Outlook Web Access (OWA) in Microsoft Exchange 5.5 Server, when used with Internet Explorer, does not properly detect certain inline script, which can allow remote attackers to perform arbitrary actions on a user's Exchange mailbox via an HTML e-mail message.

Learn more about our Cis Benchmark Audit For Microsoft Exchange Server.