Test Kennung:	1.3.6.1.4.1.25623.1.0.809010
Kategorie:	Windows : Microsoft Bulletins
Titel:	Microsoft Exchange Server Information Disclosure Vulnerability (3160339)
Zusammenfassung:	This host is missing an important security; update according to Microsoft Bulletin MS16-079.
Beschreibung:	Summary: This host is missing an important security update according to Microsoft Bulletin MS16-079. Vulnerability Insight: The flaw exists due to an error in email filter bypass in the way that Microsoft Exchange parses HTML messages. Vulnerability Impact: Successful exploitation will allow remote attackers to track users via a crafted HTML e-mail message. An attacker could also combine this vulnerability with another one, such as a Cross-Site Request Forgery (CSRF), to amplify the attack. Affected Software/OS: - Microsoft Exchange Server 2013 Service Pack 1 - Microsoft Exchange Server 2013 Cumulative Update 11 - Microsoft Exchange Server 2013 Cumulative Update 12 - Microsoft Exchange Server 2016 - Microsoft Exchange Server 2016 Cumulative Update 1 Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 4.3 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2016-0028 Microsoft Security Bulletin: MS16-079 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-079 http://www.securitytracker.com/id/1036106
Copyright	Copyright (C) 2016 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.