Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Exchange_server
(Microsoft)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 215 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2001-01-09 | CVE-2000-1139 | The installation of Microsoft Exchange 2000 before Rev. A creates a user account with a known password, which could allow attackers to gain privileges, aka the "Exchange User Account" vulnerability. | Exchange_server | N/A | ||
| 2000-06-05 | CVE-2000-0524 | Microsoft Outlook and Outlook Express allow remote attackers to cause a denial of service by sending email messages with blank fields such as BCC, Reply-To, Return-Path, or From. | Exchange_server, Outlook | N/A | ||
| 1999-12-31 | CVE-1999-1043 | Microsoft Exchange Server 5.5 and 5.0 does not properly handle (1) malformed NNTP data, or (2) malformed SMTP data, which allows remote attackers to cause a denial of service (application error). | Exchange_server | N/A | ||
| 1998-12-01 | CVE-1999-0385 | The LDAP bind function in Exchange 5.5 has a buffer overflow that allows a remote attacker to conduct a denial of service or execute commands. | Exchange_server | N/A | ||
| 1998-06-26 | CVE-1999-0007 | Information from SSL-encrypted sessions via PKCS #1. | Stonghold_web_server, Open_market_secure_webserver, Exchange_server, Internet_information_server, Site_server, Certificate_server, Collabra_server, Directory_server, Enterprise_server, Fasttrack_server, Messaging_server, Proxy_server, Ssleay | N/A | ||
| 2020-03-12 | CVE-2020-0903 | A cross-site-scripting (XSS) vulnerability exists when Microsoft Exchange Server does not properly sanitize a specially crafted web request to an affected Exchange server, aka 'Microsoft Exchange Server Spoofing Vulnerability'. | Exchange_server | N/A | ||
| 2019-11-12 | CVE-2019-1373 | A remote code execution vulnerability exists in Microsoft Exchange through the deserialization of metadata via PowerShell, aka 'Microsoft Exchange Remote Code Execution Vulnerability'. | Exchange_server | N/A | ||
| 2019-03-05 | CVE-2019-0724 | An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka 'Microsoft Exchange Server Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0686. | Exchange_server | N/A | ||
| 2019-09-11 | CVE-2019-1233 | A denial of service vulnerability exists in Microsoft Exchange Server software when the software fails to properly handle objects in memory, aka 'Microsoft Exchange Denial of Service Vulnerability'. | Exchange_server | N/A | ||
| 2019-09-11 | CVE-2019-1266 | A spoofing vulnerability exists in Microsoft Exchange Server when Outlook Web App (OWA) fails to properly handle web requests, aka 'Microsoft Exchange Spoofing Vulnerability'. | Exchange_server | N/A |