Vulnerability CVE-2007-0220 - CERT Civis.Net

Vulnerability Name:

CVE-2007-0220 (CCN-33887)

Assigned:

2007-05-08

Published:

2007-05-08

Updated:

2020-04-09

Summary:

Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) in Microsoft Exchange Server 2000 SP3, and 2003 SP1 and SP2 allows remote attackers to execute arbitrary scripts, spoof content, or obtain sensitive information via certain UTF-encoded, script-based e-mail attachments, involving an "incorrectly handled UTF character set label".

CVSS v3 Severity:

4.8 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): None

CVSS v2 Severity:

6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.9 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:H/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

4.0 Medium (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:N)
3.5 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:N/E:H/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): High Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): None

Vulnerability Type:

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2007-0220

Source: CCN
Type: SA25183
Microsoft Exchange Multiple Vulnerabilities

Source: SECUNIA
Type: Third Party Advisory
25183

Source: CCN
Type: SECTRACK ID: 1018015
Microsoft Exchange Base64, iCal, IMAP, and Attachment Processing Bugs Let Remote Users Deny Service or Execute Arbitrary Code

Source: CCN
Type: ASA-2007-191
MS07-026 Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution (931832)

Source: CCN
Type: US-CERT VU#124113
Microsoft Exchange Outlook Web Access UTF character set label script injection vulnerability

Source: CERT-VN
Type: Third Party Advisory, US Government Resource
VU#124113

Source: CCN
Type: Microsoft Security Bulletin MS07-026
Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution (931832)

Source: OSVDB
Type: Broken Link
34389

Source: CCN
Type: OSVDB ID: 34389
Microsoft Exchange Outlook Web Access (OWA) Attachment Script Injection

Source: HP
Type: Third Party Advisory, VDB Entry
HPSBST02214

Source: BID
Type: Third Party Advisory, VDB Entry
23806

Source: CCN
Type: BID-23806
Microsoft Outlook Web Access Remote Script Injection Vulnerability

Source: SECTRACK
Type: Third Party Advisory, VDB Entry
1018015

Source: CERT
Type: Third Party Advisory, US Government Resource
TA07-128A

Source: VUPEN
Type: Permissions Required
ADV-2007-1711

Source: MS
Type: Patch
MS07-026

Source: XF
Type: Third Party Advisory, VDB Entry
exchange-utf-xss(33887)

Source: XF
Type: UNKNOWN
exchange-utf-xss(33887)

Source: OVAL
Type: Third Party Advisory
oval:org.mitre.oval:def:1371

Vulnerable Configuration:

Configuration 1:

cpe:/a:microsoft:exchange_server:2000:sp3:*:*:*:*:*:*

OR cpe:/a:microsoft:exchange_server:2003:sp1:*:*:*:*:*:*

OR cpe:/a:microsoft:exchange_server:2003:sp2:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:microsoft:exchange_server:2003:sp1:*:*:*:*:*:*

OR cpe:/a:microsoft:exchange_server:2000:sp3:*:*:*:*:*:*

OR cpe:/a:microsoft:exchange_server:2003:sp2:*:*:*:*:*:*

AND

cpe:/o:microsoft:windows_vista:*:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.mitre.oval:def:1371	V	Outlook Web Access Script Injection Vulnerability	2008-05-05