Oval Definition:	oval:org.mitre.oval:def:2016
Revision Date: 2007-11-13 Version: 44 Title: MS Exchange Server Cross-site Scripting Vulnerability Description: Cross-site scripting (XSS) vulnerability in Outlook Web Access for Exchange Server 5.5 Service Pack 4 allows remote attackers to insert arbitrary script and spoof content in HTML email or web caches via an HTML redirect query. Family: windows Class: vulnerability Status: ACCEPTED Reference(s): CVE-2004-0203 Platform(s): Microsoft Windows NT Product(s): Outlook Web Access Definition Synopsis Software section Exchange 5.5 with SP4 Installed AND the version of cdo.dll is less than 5.5.2558.10 AND NOT the patch kb842436 is installed AND Configuration section Outlook Web Access exists
BACK