Microsoft Exchange 5.5 Outlook Web Access Patch

Published by
Published on
OWA is a service of Exchange 5.5 and 2000 Server that allows users to use a Web browser to access their Exchange mailbox. However, a flaw exists in the interaction between OWA and IE for message attachments. If an attachment contains HTML code including script, the script will be executed when the attachment is opened, regardless of the attachment type. Because OWA requires that scripting be enabled in the zone where the OWA server is located, this script could take action against the user's Exchange mailbox. An attacker could use this flaw to construct an attachment containing malicious script code. The attacker could then send the attachment in a message to the user.
License Free
File Size 1.16 MB
Version 2655.77
Operating System Windows 2000 Windows NT Windows
System Requirements Windows NT/2000, Microsoft Exchange 5.5 SP4
Published by
Published on

ZDNET Latest Articles