Follow:

Vulnerability:Win/Exchange.OWA.XSS!CVE-2008-2247

Severity rating
Critical

Class/Type
Vulnerability

Discovered date
2008-08-16T00:00:00

Attack vector
Remote

Authentication required
No

Public exploits available
Yes

Signature detection
Medium



On this page




Description

This is a cross-site scripting vulnerability in the affected versions of Outlook Web Access (OWA) for Exchange Server. Exploitation of the vulnerability could lead to elevation of privilege on individual OWA clients connecting to Outlook Web Access for Exchange Server. To exploit the vulnerability, an attacker would have to convince a user to open a specially crafted e-mail that would run malicious script from within an individual OWA client. If the malicious script is executed, the script would run in the security context of the user’s OWA session and could perform any action the user could perform such as reading, sending, and deleting e-mail as the logged-on user.



Impact

An attacker could attempt to exploit this vulnerability by convincing a user to open a specially crafted e-mail message via an individual client’s OWA session. The message could then cause malicious script to run on the individual client’s system in the context of the user’s OWA session.



Technical details (analysis)

Cross-site scripting (XSS) is a security vulnerability that could enable an attacker to "inject" code into a user's session with a Web site. Unlike most security vulnerabilities, XSS does not apply to any single vendor's products–instead, it can affect any software that generates HTML and that does not follow defensive programming practices.The vulnerability is a result of Outlook Web Access for Exchange Server not sufficiently validating e-mail fields when opening mail from within an individual client’s OWA session. An attacker could use this vulnerability in Outlook Web Access for Exchange Server to run malicious script on an individual user’s system in the context of the user’s OWA session. The attacker could then perform OWA actions as the logged-on user, such as reading, sending, or deleting e-mail as the logged-on user.



Affected software

Microsoft Exchange Server 2003 Service Pack 2
Microsoft Exchange Server 2007
Microsoft Exchange Server 2007 Service Pack 1



Non-affected software

Microsoft Exchange Server 2000 Service Pack 3



References




Solutions




NIS signature

Name: Vulnerability:Win/Exchange.OWA.XSS!CVE-2008-2247
Release Date: 2008-08-16T00:00:00



Known false positives

No known false positives at this time.



Work-arounds

Microsoft has not identified any workarounds for this vulnerability.