Microsoft Exchange Server 2007 OWA CSRF Exploit Code Released

Exploit code has been published for a CSRF vulnerability in Microsoft Exchange Server 2007 Outlook Web Access. Early reports indicate that Microsoft has fixed the underlying bug in Service Pack 3 for Exchange Server 2007. Whether or not Exchange 2003 is affected is unknown at this time.

References:
http://www.securityfocus.com/bid/41462/
http://www.exploit-db.com/exploits/14285/
http://sites.google.com/site/tentacoloviola/pwning-corporate-webmails

email: david @ sharpesecurity.com
website: www.sharpesecurity.com
Twitter: twitter.com/sharpesecurity

Share

Leave a Reply