CVE-2009-0098
First published: Tue Feb 10 2009(Updated: )
Microsoft Exchange 2000 Server SP3, Exchange Server 2003 SP2, and Exchange Server 2007 SP1 do not properly interpret Transport Neutral Encapsulation (TNEF) properties, which allows remote attackers to execute arbitrary code via a crafted TNEF message, aka "Memory Corruption Vulnerability."
Credit: secure@microsoft.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Exchange Server | =2000-sp3 | |
| Microsoft Exchange Server | =2003-sp2 | |
| Microsoft Exchange Server | =2007-sp1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/type
- agent/event
- agent/softwarecombine
- agent/last-modified-date
- agent/first-publish-date
- agent/description
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/microsoft
- canonical/microsoft exchange server
- version/microsoft exchange server/2000-sp3
- version/microsoft exchange server/2003-sp2
- version/microsoft exchange server/2007-sp1