Microsoft Exchange Server Outlook Web Access Cross Site Request Forgery Vulnerability
Posted: 9/7/10 by komz in Etiquetas: Microsoft Exchange Server Outlook Web Access Cross Site Request Forgery Vulnerability. Microsoft Exchange Server Outlook Web Access, OWA, vulnerabilidad en outlookMicrosoft Exchange Server Outlook Web Access Cross Site Request Forgery Vulnerability
Microsoft Exchange Server Outlook Web Access is prone to a cross-site request-forgery vulnerability.
Exploiting this issue may allow a remote attacker to perform certain actions in the context of an authorized user's session and gain unauthorized access to the affected application; other attacks are also possible.
Microsoft Exchange Server 2007 versions prior to Service Pack 3 are reported to be vulnerable.
REFERENCIA DE LA VULNERABILIDAD
Desde Vulnerability Team exortamos a los usuarios y administradores revisar las notificaciones y aplicar las actualizaciones necesarias, para ayudar a mitigar los riesgos.
fuente: securityfocus.com