TUCoPS :: HP Unsorted M :: b1a-1101.htm

Microsoft Outlook Web Access (OWA) v8.2.254.0 "id" parameter Information Disclosure Vulnerability
Microsoft Outlook Web Access (OWA) v8.2.254.0 "id" parameter Information Disclosure Vulnerability
Microsoft Outlook Web Access (OWA) v8.2.254.0 "id" parameter Information Disclosure Vulnerability


$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
"Microsoft Outlook Web Access (OWA) version 8.2.254.0"
OS: Windows Server 2003
Internet Explorer 7
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
There is an information disclosure vulnerability in "Microsoft Outlook Web Access (OWA) version 8.2.254.0".

The issue is with the id parameter.

Following are different exploitation techniques:
https://example.com/owa/?ae=Folder&t=IPF.Note&id=
https://example.com/owa/?ae=Folder&t=IPF.Note&idhttps://example.com/owa/?ae=Folder&t=IPF.Note&id=A


Whom to contact to get a CVE Identifier for this vulnerability.

Best Regards,
Praveen Darshanam,
Security Researcher,
INDIA

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH