CVE-2001-0726

Outlook Web Access (OWA) in Microsoft Exchange 5.5 Server, when used with Internet Explorer, does not properly detect certain inline script, which can allow remote attackers to perform arbitrary actions on a user's Exchange mailbox via an HTML e-mail message.

Published: Dec 6, 2001
Updated: Apr 13, 2023
CVE: CVE-2001-0726
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
microsoft / exchange_server	5.5	5.5.x

http://www.osvdb.org/5557
http://www.securityfocus.com/bid/3650
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-057
https://exchange.xforce.ibmcloud.com/vulnerabilities/7663

Vulnerability Database

289,599

CVE-2001-0726