JSON View XML View

Key Value
MTID M114449
Title (MS16-108) Microsoft Exchange Meeting Invitation Requests Cross-Site Scripting Privilege Escalation (3185883)
Description A vulnerability in some versions of Microsoft Exchange could lead to privilege escalation.
Observation A vulnerability in some versions of Microsoft Exchange could lead to privilege escalation.

The flaw lies in the Meeting Invitation Requests component. Successful exploitation could allow a local user to gain elevated privileges. The exploit requires the user to open a vulnerable website, email or document.
Recommendation The vendor has released an update to address this issue.

https://technet.microsoft.com/library/security/MS16-108

Vendor Microsoft
Attack Vector Website or e-mail with malicious content
Importance 5
Impact 2.8627500
Threat Score 4.3
Labels
Patch Tuesday
References
CVECVE-2016-3379
MSFTBulletinMS16-108
MSFTQNumber3185883
DISA IAVA2016-A-0247
MTIDM114449
CPEs
cpe:/a:microsoft:exchange_server:2016:cu2
Created At 2016-09-13 00:00:00 UTC
Updated At 2016-11-19 10:32:34 UTC

Back