What is the severity of CVE-2003-0712?

CVE-2003-0712 is considered a critical vulnerability due to its potential to allow remote attackers to execute arbitrary web scripts.

How do I fix CVE-2003-0712?

To fix CVE-2003-0712, it is recommended to apply the latest service pack or patches provided by Microsoft for Exchange Server 5.5.

Which versions of Microsoft Exchange Server are affected by CVE-2003-0712?

CVE-2003-0712 affects Microsoft Exchange Server 5.5 versions including SP1, SP2, SP3, and SP4.

What type of attack is facilitated by CVE-2003-0712?

CVE-2003-0712 facilitates Cross-Site Scripting (XSS) attacks, allowing malicious scripts to be executed in the context of a user’s session.

Is user input related to CVE-2003-0712?

Yes, CVE-2003-0712 is related to inadequate HTML encoding of user input in the Compose New Message form in OWA.

Vulnerability/
CVE-2003-0712

medium

4.3

CWE

17/10/2003

8/8/2024

CVE-2003-0712: XSS

First published: Fri Oct 17 2003(Updated: )

Cross-site scripting (XSS) vulnerability in the HTML encoding for the Compose New Message form in Microsoft Exchange Server 5.5 Outlook Web Access (OWA) allows remote attackers to execute arbitrary web script.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Microsoft Exchange Server	=5.5-sp1
Microsoft Exchange Server	=5.5-sp4
Microsoft Exchange Server	=5.5-sp2
Microsoft Exchange Server	=5.5-sp3
Microsoft Exchange Server	=5.5

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2003-0712?
CVE-2003-0712 is considered a critical vulnerability due to its potential to allow remote attackers to execute arbitrary web scripts.
How do I fix CVE-2003-0712?
To fix CVE-2003-0712, it is recommended to apply the latest service pack or patches provided by Microsoft for Exchange Server 5.5.
Which versions of Microsoft Exchange Server are affected by CVE-2003-0712?
CVE-2003-0712 affects Microsoft Exchange Server 5.5 versions including SP1, SP2, SP3, and SP4.
What type of attack is facilitated by CVE-2003-0712?
CVE-2003-0712 facilitates Cross-Site Scripting (XSS) attacks, allowing malicious scripts to be executed in the context of a user’s session.
Is user input related to CVE-2003-0712?
Yes, CVE-2003-0712 is related to inadequate HTML encoding of user input in the Compose New Message form in OWA.

agent/type
agent/softwarecombine
collector/nvd-index
agent/software-canonical-lookup-request
collector/nvd-historical
agent/weakness
agent/severity
agent/author
agent/references
agent/remedy
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/first-publish-date
agent/event
agent/tags
agent/source
vendor/microsoft
canonical/microsoft exchange server
version/microsoft exchange server/5.5
version/microsoft exchange server/5.5-sp1
version/microsoft exchange server/5.5-sp2
version/microsoft exchange server/5.5-sp3
version/microsoft exchange server/5.5-sp4

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.

CVE-2003-0712: XSS

Remedy

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2003-0712?

How do I fix CVE-2003-0712?

Which versions of Microsoft Exchange Server are affected by CVE-2003-0712?

What type of attack is facilitated by CVE-2003-0712?

Is user input related to CVE-2003-0712?

Company

Resources

Contact