| ID |
CVE-2008-1547
|
| Summary |
Open redirect vulnerability in exchweb/bin/redir.asp in Microsoft Outlook Web Access (OWA) for Exchange Server 2003 SP2 (aka build 6.5.7638) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the URL parameter. |
| References |
|
| Vulnerable Configurations |
|
| CVSS |
| Base: | 4.3 (as of 09-04-2020 - 13:22) |
| Impact: | |
| Exploitability: | |
|
| CWE |
CWE-601 |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| NETWORK |
MEDIUM |
NONE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| NONE |
PARTIAL |
NONE |
|
| cvss-vector
via4
|
AV:N/AC:M/Au:N/C:N/I:P/A:N
|
| refmap
via4
|
| bid | 31765 | | bugtraq | - 20081015 MS OWA 2003 Redirection Vulnerability
- 20081015 Re: MS OWA 2003 Redirection Vulnerability
- 20081015 Re: Re: MS OWA 2003 Redirection Vulnerability
- 20081017 Re: MS OWA 2003 Redirection Vulnerability - [MSRC 7368br]
- 20081019 Re: MS OWA 2003 Redirection Vulnerability - [MSRC7368br]
| | sreason | 4441 | | xf | owa-redir-phishing(46061) |
|
| Last major update |
09-04-2020 - 13:22 |
| Published |
21-10-2008 - 01:18 |
| Last modified |
09-04-2020 - 13:22 |
