Vulnerability Details CVE-2001-0340
An interaction between the Outlook Web Access (OWA) service in Microsoft Exchange 2000 Server and Internet Explorer allows attackers to execute malicious script code against a user's mailbox via a message attachment that contains HTML code, which is executed automatically.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.074
EPSS Ranking 91.2%
CVSS Severity
CVSS v2 Score 7.5
References
- http://www.ciac.org/ciac/bulletins/l-091.shtml
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-030
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6652
- http://www.ciac.org/ciac/bulletins/l-091.shtml
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-030
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6652
Products affected by CVE-2001-0340
-
cpe:2.3:a:microsoft:exchange_server:2000
-
cpe:2.3:a:microsoft:exchange_server:5.5