[prev in list] [next in list] [prev in thread] [next in thread] 

List:       bugtraq
Subject:    Vulnerability in Exchange Server 5.5 Outlook Web Access Could Allow
From:       Ory Segal <ory.segal () sanctuminc ! com>
Date:       2003-10-16 12:21:30
[Download RAW message or body]


 From Microsoft Security Bulletin MS03-047:

A cross-site scripting (XSS) vulnerability results due to the way that 
Outlook Web Access (OWA) performs HTML encoding in the Compose New 
Message form.

An attacker could seek to exploit this vulnerability by having a user 
run script on the attacker's behalf. The script would execute in the 
security context of the user. If the script executes in the security 
context of the user, the attacker's code could then execute by using the 
security settings of the OWA Web site (or of a Web site that is hosted 
on the same server as the OWA Web site) and could enable the attacker to 
access any data belonging to the site where the user has access.
 
To exploit this vulnerability through OWA, an attacker would have to 
send an e-mail message that has a specially-formed link to the user. The 
user would then have to click the link. To exploit this vulnerability in 
another way, an attacker would have to know the name of the user's 
Exchange server and then entice the user to open a specially-formed link 
from another source while the user is logged on to OWA.

The full security bulletin can be found at:
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS03-047.asp



[prev in list] [next in list] [prev in thread] [next in thread] 

Configure | About | News | Add a list | Sponsored by KoreLogic