This CPE summary could be partial or incomplete. Please contact us for a detailed listing.


Vendor Microsoft First view 2010-09-07
Product Outlook Web Access Last view 2010-09-07
Version 2007 Type Application
Update sp1  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
CPE Product cpe:2.3:a:microsoft:outlook_web_access

Activity : Overall

Related : CVE

  Date Alert Description
6.8 2010-09-07 CVE-2010-3213

Cross-site request forgery (CSRF) vulnerability in Microsoft Outlook Web Access (owa/ev.owa) 2007 through SP2 allows remote attackers to hijack the authentication of e-mail users for requests that perform Outlook requests, as demonstrated by setting the auto-forward rule.

CWE : Common Weakness Enumeration

100% (1) CWE-352 Cross-Site Request Forgery (CSRF)

Open Source Vulnerability Database (OSVDB)

id Description
67119 Microsoft Outlook Web Access (OWA) Multiple Function CSRF

Snort® IPS/IDS

Date Description
2014-01-10 Microsoft Office Outlook Web Access XSRF attempt
RuleID : 17296 - Type : SERVER-WEBAPP - Revision : 8

Nessus® Vulnerability Scanner

id Description
2010-09-17 Name: The remote web server is affected by a cross-site request forgery issue.
File: smb_kb2401593.nasl - Type: ACT_GATHER_INFO