CVE-2010-2091 in Exchange Serverinfo

Summary

Microsoft Outlook Web Access (OWA) 8.2.254.0, when Internet Explorer 7 on Windows Server 2003 is used, does not properly handle the id parameter in a Folder IPF.Note action to the default URI, which might allow remote attackers to obtain sensitive information or conduct cross-site scripting (XSS) attacks via an invalid value.

Be aware that VulDB is the high quality source for vulnerability data.

Reservation

05/27/2010

Disclosure

05/27/2010

Moderation

VulDB entry created

Entries

CPE

ready

CWE

CWE-79

Exploit

Download

CVSS

4.3

EPSS

0.04459

CTI

0.00

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2010-2091
NVD	https://nvd.nist.gov/vuln/detail/CVE-2010-2091
CVE Details	https://www.cvedetails.com/cve/CVE-2010-2091/

◂ Previous Overview Next ▸

Interested in the pricing of exploits?

See the underground prices here!