oval:org.mitre.oval:def:28415

Definition Id: oval:org.mitre.oval:def:28415

Oval ID:	oval:org.mitre.oval:def:28415
Title:	Exchange URL redirection vulnerability (CVE-2014-6336) - MS14-075
Description:	Outlook Web App (OWA) in Microsoft Exchange Server 2013 SP1 and Cumulative Update 6 does not properly validate redirection tokens, which allows remote attackers to redirect users to arbitrary web sites and spoof the origin of e-mail messages via unspecified vectors, aka "Exchange URL Redirection Vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2014-6336	Version:	3
Platform(s):	Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2	Product(s):	Microsoft Exchange Server 2013
Definition Synopsis:
Exchange Server 2013 and vulnerable file version Microsoft Exchange Server 2013 is installed AND Check if the version of ExSetup.exe is less than 15.00.0847.035 OR Exchange 2013 CU 6 and vulnerable file version Check if the version of ExSetup.exe is less than 15.00.0995.034 AND Microsoft Exchange Server 2013 CU 6 is installed

Definition Id: oval:org.mitre.oval:def:18626

Oval ID:	oval:org.mitre.oval:def:18626
Title:	Microsoft Exchange Server 2013 is installed
Description:	Microsoft Exchange Server 2013 is installed
Family:	windows	Class:	inventory
Reference(s):	cpe:/a:microsoft:exchange_server:2013	Version:	3
Platform(s):	Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012	Product(s):	Microsoft Exchange Server 2013
Definition Synopsis:
Check if Exchange Server 2013 is installed
Referenced By:
oval:org.mitre.oval:def:28415 oval:org.mitre.oval:def:28213

Definition Id: oval:org.mitre.oval:def:28213

Oval ID:	oval:org.mitre.oval:def:28213
Title:	Microsoft Exchange Server 2013 CU 6 is installed
Description:	Microsoft Exchange Server 2013 CU 6 is installed. Microsoft Exchange Server is calendaring software, a mail server and contact manager developed by Microsoft.
Family:	windows	Class:	inventory
Reference(s):	cpe:/a:microsoft:exchange_server:2013:cu6	Version:	3
Platform(s):	Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2	Product(s):	Microsoft Exchange Server 2013
Definition Synopsis:
Microsoft Exchange Server 2013 is installed AND Microsoft Exchange Server Cumulative Update 6 is installed
Referenced By:
oval:org.mitre.oval:def:28415