Total
642 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-0904 | 1 Microsoft | 3 Exchange Server, Sharepoint Services, Windows Server 2003 | 2023-12-10 | 6.0 MEDIUM | N/A |
Microsoft Exchange 2003 and Outlook Web Access (OWA), when configured to use NTLM authentication, does not properly reuse HTTP connections, which can cause OWA users to view mailboxes of other users when Kerberos has been disabled as an authentication method for IIS 6.0, e.g. when SharePoint Services 2.0 is installed. | |||||
CVE-2004-0840 | 1 Microsoft | 3 Exchange Server, Windows Server 2003, Windows Xp | 2023-12-10 | 10.0 HIGH | N/A |
The SMTP (Simple Mail Transfer Protocol) component of Microsoft Windows XP 64-bit Edition, Windows Server 2003, Windows Server 2003 64-bit Edition, and the Exchange Routing Engine component of Exchange Server 2003, allows remote attackers to execute arbitrary code via a malicious DNS response message containing length values that are not properly validated. |