CVE-2009-0098
published 2009-02-10CVE-2009-0098: Microsoft Exchange 2000 Server SP3, Exchange Server 2003 SP2, and Exchange Server 2007 SP1 do not properly interpret Transport Neutral Encapsulation (TNEF)…
PriorityP353critical9.3CVSS 2.0
AVNACMAuNCCICAC
EPSS
24.92%
97.6th percentile
Microsoft Exchange 2000 Server SP3, Exchange Server 2003 SP2, and Exchange Server 2007 SP1 do not properly interpret Transport Neutral Encapsulation (TNEF) properties, which allows remote attackers to execute arbitrary code via a crafted TNEF message, aka "Memory Corruption Vulnerability."
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | exchange_server | — | — |
| microsoft | exchange_server | — | — |
| microsoft | exchange_server | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://osvdb.org/51837http://secunia.com/advisories/33838http://www.us-cert.gov/cas/techalerts/TA09-041A.htmlhttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-003https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6114http://osvdb.org/51837http://secunia.com/advisories/33838http://www.us-cert.gov/cas/techalerts/TA09-041A.htmlhttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-003https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6114
2009-02-10
Published