|
Description:
An elevation of privilege vulnerability exists in the way that Microsoft Exchange Outlook Web Access (OWA) fails to properly handle web requests. To exploit the vulnerability, an attacker who successfully exploited this vulnerability could, perform script/content injection attacks, and attempt to trick the user into disclosing sensitive information.
Architecture:
n/a
Classification:
Security Updates
Supported products:
Exchange Server 2013
Supported languages:
Arabic
,
Bulgarian
,
Czech
,
Danish
,
German
,
Greek
,
English
,
Spanish
,
Estonian
,
Finnish
,
French
,
Hebrew
,
Hindi
,
Croatian
,
Hungarian
,
Italian
,
Japanese
,
Japanese NEC
,
Korean
,
Lithuanian
,
Latvian
,
Dutch
,
Norwegian
,
Polish
,
Portuguese (Portugal)
,
Portuguese (Brazil)
,
Romanian
,
Russian
,
Slovak
,
Slovenian
,
Serbian (Latin)
,
Swedish
,
Thai
,
Turkish
,
Ukrainian
,
Chinese (Simplified)
,
Chinese - Hong Kong SAR
,
Chinese (Traditional)
|
MSRC Number:
MS17-015
MSRC severity:
Critical
KB article numbers:
4012178
|