CVE-2001-0726
Last modified
CVE-2001-0726 is a vulnerability of currently unknown severity. Outlook Web Access (OWA) in Microsoft Exchange 5.5 Server, when used with Internet Explorer, does not properly detect certain inline script, which can allow remote attackers to perform arbitrary actions on a user's Exchange mailbox via an HTML e-mail message.. EPSS estimates a 16.12% chance of exploitation in the next 30 days.
Description
Outlook Web Access (OWA) in Microsoft Exchange 5.5 Server, when used with Internet Explorer, does not properly detect certain inline script, which can allow remote attackers to perform arbitrary actions on a user's Exchange mailbox via an HTML e-mail message.
Metrics
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Exchange Server | 5.5 |
References
- http://www.osvdb.org/5557Broken Link
- http://www.securityfocus.com/bid/3650Third Party Advisory, VDB Entry
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-057Patch, Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7663Third Party Advisory, VDB Entry
- http://www.osvdb.org/5557Broken Link
- http://www.securityfocus.com/bid/3650Third Party Advisory, VDB Entry
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-057Patch, Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7663Third Party Advisory, VDB Entry
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2001-0726?
How severe is CVE-2001-0726?
How do I fix CVE-2001-0726?
Are you affected by CVE-2001-0726?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST