CVE-2001-0726
First published: Thu Dec 06 2001(Updated: )
Outlook Web Access (OWA) in Microsoft Exchange 5.5 Server, when used with Internet Explorer, does not properly detect certain inline script, which can allow remote attackers to perform arbitrary actions on a user's Exchange mailbox via an HTML e-mail message.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Exchange Server | =5.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2001-0726?
CVE-2001-0726 is considered to be of high severity due to its potential for unauthorized access to Exchange mailboxes.
How do I fix CVE-2001-0726?
To fix CVE-2001-0726, upgrade to a later version of Microsoft Exchange that addresses this vulnerability.
What are the potential impacts of CVE-2001-0726?
The potential impacts of CVE-2001-0726 include remote attackers performing arbitrary actions on a user's Exchange mailbox through malicious HTML emails.
What versions of Microsoft Exchange are affected by CVE-2001-0726?
CVE-2001-0726 specifically affects Microsoft Exchange Server version 5.5.
What type of attack is facilitated by CVE-2001-0726?
CVE-2001-0726 facilitates a cross-site scripting attack due to improper detection of inline scripts in Outlook Web Access.
- agent/references
- agent/type
- agent/softwarecombine
- agent/first-publish-date
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- agent/severity
- agent/remedy
- agent/author
- agent/weakness
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/tags
- agent/event
- agent/source
- vendor/microsoft
- canonical/microsoft exchange server
- version/microsoft exchange server/5.5