Vulnerability Description
Cross-site scripting (XSS) vulnerability in the HTML encoding for the Compose New Message form in Microsoft Exchange Server 5.5 Outlook Web Access (OWA) allows remote attackers to execute arbitrary web script.
CVSS Score
4.3
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Exchange Server | 5.5 |
Related Weaknesses (CWE)
References
- http://marc.info/?l=bugtraq&m=106631918405915&w=2Mailing ListThird Party Advisory
- http://www.cert.org/advisories/CA-2003-27.htmlThird Party AdvisoryUS Government Resource
- http://www.kb.cert.org/vuls/id/435444PatchThird Party AdvisoryUS Government Resource
- http://www.securityfocus.com/bid/8832PatchThird Party AdvisoryVDB Entry
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-04PatchVendor Advisory
- http://marc.info/?l=bugtraq&m=106631918405915&w=2Mailing ListThird Party Advisory
- http://www.cert.org/advisories/CA-2003-27.htmlThird Party AdvisoryUS Government Resource
- http://www.kb.cert.org/vuls/id/435444PatchThird Party AdvisoryUS Government Resource
- http://www.securityfocus.com/bid/8832PatchThird Party AdvisoryVDB Entry
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-04PatchVendor Advisory
FAQ
What is CVE-2003-0712?
CVE-2003-0712 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Cross-site scripting (XSS) vulnerability in the HTML encoding for the Compose New Message form in Microsoft Exchange Server 5.5 Outlook Web Access (OWA) allows remote attackers to execute arbitrary we...
How severe is CVE-2003-0712?
CVE-2003-0712 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2003-0712?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Exchange Server.