|
Description:
A spoofing vulnerability exists in Microsoft Exchange Server when Outlook Web Access (OWA) fails to properly handle web requests. An attacker who successfully exploited the vulnerability could perform script or content injection attacks, and attempt to trick the user into disclosing sensitive information. An attacker could also redirect the user to a malicious website that could spoof content or the vulnerability could be used as a pivot to chain an attack with other vulnerabilities in web services.
Architecture:
n/a
Classification:
Security Updates
Supported products:
Exchange Server 2016
Supported languages:
Arabic
,
Bulgarian
,
Chinese (Traditional)
,
Czech
,
Danish
,
German
,
Greek
,
English
,
Spanish
,
Finnish
,
French
,
Hebrew
,
Hungarian
,
Italian
,
Japanese
,
Korean
,
Dutch
,
Norwegian
,
Polish
,
Portuguese (Brazil)
,
Romanian
,
Russian
,
Croatian
,
Slovak
,
Swedish
,
Thai
,
Turkish
,
Ukrainian
,
Slovenian
,
Estonian
,
Latvian
,
Lithuanian
,
Hindi
,
Chinese (Simplified)
,
Portuguese (Portugal)
,
Serbian (Latin)
,
Chinese - Hong Kong SAR
,
Japanese NEC
|
MSRC Number:
n/a
MSRC severity:
Important
KB article numbers:
4487563
|