First published: Tue Oct 21 2008(Updated: )
Open redirect vulnerability in exchweb/bin/redir.asp in Microsoft Outlook Web Access (OWA) for Exchange Server 2003 SP2 (aka build 6.5.7638) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the URL parameter.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft Exchange Server | =2003-sp2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2008-1547 is classified as a medium severity vulnerability that can lead to phishing attacks.
To mitigate CVE-2008-1547, it's recommended to apply the latest security updates or patches provided by Microsoft for Exchange Server 2003.
CVE-2008-1547 affects users of Microsoft Exchange Server 2003 SP2 when accessing Outlook Web Access.
CVE-2008-1547 can facilitate open redirect attacks, allowing malicious actors to redirect users to arbitrary web sites.
Yes, CVE-2008-1547 is known to be exploitable and has been used in phishing attacks.