Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
TitleSecurity Update in Microsoft Exchange Server to Address Spoofing (3124557)
Informations
NameMS16-010First vendor Publication2016-01-12
VendorMicrosoftLast vendor Modification2016-01-12
Severity (Vendor) ImportantRevision1.0

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:N/I:P/A:N)
Cvss Base Score4.3Attack RangeNetwork
Cvss Impact Score2.9Attack ComplexityMedium
Cvss Expoit Score8.6AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Severity Rating: Important
Revision Note: V1.0 (January 12, 2016): Bulletin published.
Summary: This security update resolves vulnerabilities in Microsoft Exchange Server. The most severe of the vulnerabilities could allow spoofing if Outlook Web Access (OWA) fails to properly handle web requests, and sanitize user input and email content.

Original Source

Url : https://technet.microsoft.com/en-us/library/security/MS16-010

CWE : Common Weakness Enumeration

%idName
100 %CWE-79Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25)

CPE : Common Platform Enumeration

TypeDescriptionCount
Application4

Nessus® Vulnerability Scanner

DateDescription
2016-01-13Name : The remote Microsoft Exchange server is affected by multiple spoofing vulnera...
File : smb_nt_ms16-010.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
DateInformations
2016-01-20 21:26:03
  • Multiple Updates
2016-01-14 17:28:18
  • Multiple Updates
2016-01-14 13:26:25
  • Multiple Updates
2016-01-13 09:25:28
  • Multiple Updates
2016-01-12 21:28:08
  • Multiple Updates
2016-01-12 21:17:05
  • First insertion