| ID |
CVE-2010-3937
|
| Summary |
Microsoft Exchange Server 2007 SP2 on the x64 platform allows remote authenticated users to cause a denial of service (infinite loop and MSExchangeIS outage) via a crafted RPC request, aka "Exchange Server Infinite Loop Vulnerability." |
| References |
|
| Vulnerable Configurations |
|
| CVSS |
| Base: | 4.0 (as of 09-04-2020 - 13:25) |
| Impact: | |
| Exploitability: | |
|
| CWE |
CWE-399 |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| NETWORK |
LOW |
SINGLE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| NONE |
NONE |
PARTIAL |
|
| cvss-vector
via4
|
AV:N/AC:L/Au:S/C:N/I:N/A:P
|
| msbulletin
via4
|
| bulletin_id | MS10-106 | | bulletin_url | | | date | 2010-12-14T00:00:00 | | impact | Denial of Service | | knowledgebase_id | 2407132 | | knowledgebase_url | | | severity | Moderate | | title | Vulnerability in Microsoft Exchange Server Could Allow Denial of Service |
|
| oval
via4
|
| accepted | 2011-01-24T04:00:12.829-05:00 | | class | vulnerability | | contributors | | name | Dragos Prisaca | | organization | Symantec Corporation |
| | definition_extensions | | comment | Microsoft Exchange Server 2007 SP2 is installed | | oval | oval:org.mitre.oval:def:12396 |
| | description | Microsoft Exchange Server 2007 SP2 on the x64 platform allows remote authenticated users to cause a denial of service (infinite loop and MSExchangeIS outage) via a crafted RPC request, aka "Exchange Server Infinite Loop Vulnerability." | | family | windows | | id | oval:org.mitre.oval:def:12019 | | status | accepted | | submitted | 2010-12-14T14:00:00 | | title | Exchange Server Infinite Loop Vulnerability | | version | 8 |
|
| refmap
via4
|
| bid | 45297 | | cert | TA10-348A | | sectrack | 1024888 |
|
| Last major update |
09-04-2020 - 13:25 |
| Published |
16-12-2010 - 19:33 |
| Last modified |
09-04-2020 - 13:25 |
