Microsoft Exchange Server Elevation Of Privilege Vulnerability (CVE-2015-1632)
Gravità: : Critico
Identificatori CVE: 2015-1632,MS15-026
Descrizione
Elevation of privilege vulnerability exists when Microsoft Exchange Server does not properly sanitize page content in Outlook Web App. An attacker could exploit this vulnerability by modifying certain properties within Outlook Web App and then convincing users to browse to the targeted Outlook Web App site. An attacker who successfully exploited this vulnerability could run script in the context of the current user.
Informazioni esposizione:
Apply associated Trend Micro DPI Rules.
Soluzioni
Trend Micro Deep Security DPI Rule Number: 1000552
Trend Micro Deep Security DPI Rule Name: 1000552 - Generic Cross Site Scripting(XSS) Prevention
Software e versione interessati:
- Microsoft Exchange Server