oval:org.mitre.oval:def:28811

Definition Id: oval:org.mitre.oval:def:28811
 
Oval ID: oval:org.mitre.oval:def:28811
Title: OWA modified canary parameter cross site scripting vulnerability - CVE-2015-1628 (MS15-026)
Description: Cross-site scripting (XSS) vulnerability in Outlook Web App (OWA) in Microsoft Exchange Server 2013 SP1 and Cumulative Update 7 allows remote attackers to inject arbitrary web script or HTML via a crafted X-OWA-Canary cookie in an AD.RecipientType.User action, aka "OWA Modified Canary Parameter Cross Site Scripting Vulnerability."
Family: windows Class: vulnerability
Reference(s): CVE-2015-1628
Version: 3
Platform(s): Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Product(s): Microsoft Exchange Server 2013
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:18626
 
Oval ID: oval:org.mitre.oval:def:18626
Title: Microsoft Exchange Server 2013 is installed
Description: Microsoft Exchange Server 2013 is installed
Family: windows Class: inventory
Reference(s): cpe:/a:microsoft:exchange_server:2013
Version: 3
Platform(s): Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Product(s): Microsoft Exchange Server 2013
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:28811
oval:org.mitre.oval:def:28846
Definition Id: oval:org.mitre.oval:def:28846
 
Oval ID: oval:org.mitre.oval:def:28846
Title: Microsoft Exchange Server 2013 Cumulative Update 7 is installed
Description: Microsoft Exchange Server 2013 Cumulative Update 7 is installed
Family: windows Class: inventory
Reference(s): cpe:/a:microsoft:exchange_server:2013:cu7
Version: 3
Platform(s): Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Product(s): Microsoft Exchange Server 2013
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:28811