Lucene search
MitreCVE-2005-0420HistoryApr 27, 2005 - 4:00 a.m.
CVE-2005-0420
2005-04-2704:00:00
CWE-601
mitre
web.nvd.nist.gov
42
microsoft
outlook web access
owa
remote attackers
redirect
login
owalogon.asp
nvd
CVSS2
5.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
AI Score
6.7
Confidence
Low
EPSS
0.972
Percentile
99.8%
Microsoft Outlook Web Access (OWA), when used with Exchange, allows remote attackers to redirect users to arbitrary URLs for login via a link to the owalogon.asp application.
Affected configurations
Node
microsoftexchange_serverMatch2003-
ORmicrosoftexchange_serverMatch2003sp1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | exchange_server | 2003 | cpe:2.3:a:microsoft:exchange_server:2003:-:*:*:*:*:*:* |
| microsoft | exchange_server | 2003 | cpe:2.3:a:microsoft:exchange_server:2003:sp1:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2005-0420
2005-02-15 05:00:00
exploitdb
exploitdb
Microsoft Outlook 2003 - Web Access Login Form Remote URI redirection
2005-02-07 00:00:00
nvd
nvd
CVE-2005-0420
2005-04-27 04:00:00
nessus
nessus
openvas
openvas
Outlook Web Access URL Injection
2005-11-03 00:00:00
CVSS2
5.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:P/A:N
AI Score
6.7
Confidence
Low
EPSS
0.972
Percentile
99.8%
Related for CVE-2005-0420