VULHUB ™

Microsoft Security Advisory MS01-057 - Outlook Web Access (OWA), a service of Exchange 5.5 Server, has a flow which allows remote attackers to take any action against the user's Exchange mailbox that the user himself was capable of, including sending, moving, or deleting messages. If an HTML message that contains specially formatted script is opened in OWA, the script executes when the message is opened. Microsoft FAQ on this issue available here.

Microsoft Security Advisory MS01-057 - Outlook Web Access (OWA), a service of Exchange 5.5 Server, has a flow which allows remote attackers to take any action against the user's Exchange mailbox that the user himself was capable of, including sending, moving, or deleting messages. If an HTML message that contains specially formatted script is opened in OWA, the script executes when the message is opened. Microsoft FAQ on this issue available here.