Update Protection against Outlook Web Access HTML Parsing Cross-Site Scripting Vulnerability (MS08-039)
| Field | Value |
|---|---|
| Check Point Reference: | CPAI-2008-094 |
| Date Published: | |
| Severity: | |
| Source: | Microsoft Security Bulletin MS08-039 |
| Industry Reference(s): | CVE-2008-2248 |
| Protection Provided by: | VPN-1 |

Who is Vulnerable?
- Microsoft Exchange Server 2003 SP2
- Microsoft Exchange Server 2007
- Microsoft Exchange Server 2007 SP1

Vulnerability Description
A cross-site scripting vulnerability has been detected in Outlook Web Access. Outlook Web Access (OWA) is the webmail service of Microsoft Exchange Server 5.0 and later; its web interface resembles that of Microsoft Outlook. Cross-site scripting (XSS) enables an attacker to inject script into a user's session with a web site. A remote attacker may exploit this vulnerability to gain access to a user's OWA session data, allowing elevation of privilege.

Update/Patch Available
Apply patches: Microsoft Security Bulletin MS08-039

Vulnerability Details
The vulnerability is a result of OWA incorrectly parsing HTML when an e-mail message is opened from within OWA. An attacker could exploit it by sending the victim a specially crafted e-mail message that contains a malicious script. Successful exploitation could allow the attacker to log in to the victim's OWA session, leading to elevation of privilege.
Protection Overview
By enabling this protection, SmartDefense will detect and block the transfer over SMTP of malformed e-mail messages attempting to exploit this vulnerability.
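The vulnerability details and the protection overview above describe the same thing from two sides: active script carried inside an HTML e-mail, and a gateway inspecting messages over SMTP for such content before they reach the mailbox. As an added illustration, not Check Point's SmartDefense signature and not code from this page, the following Python uses the standard library `email` parser to walk a MIME message and flag every `text/html` part that carries active content (script elements, inline event-handler attributes, `javascript:` URIs, embedded objects). The regular expressions, the sample messages and the addresses in them are constructed for the example.

```python
import email
import re
from email import policy
from email.message import EmailMessage

# Constructed, illustrative patterns for active content in an HTML body.
# They approximate what a mail-gateway inspection step looks for; they are
# not Check Point's detection logic.
ACTIVE_CONTENT_PATTERNS = {
    "script_element": re.compile(r"<\s*script\b", re.IGNORECASE),
    # event handler attribute (onload=, onerror=, ...) inside a tag
    "event_handler_attr": re.compile(r"<[^>]*\bon[a-z]+\s*=", re.IGNORECASE),
    "javascript_uri": re.compile(
        r"(?:href|src)\s*=\s*[\"']?\s*javascript:", re.IGNORECASE),
    "object_or_embed": re.compile(r"<\s*(?:object|embed|iframe)\b", re.IGNORECASE),
}


def html_parts(msg):
    """Yield the decoded body of every text/html part in the MIME tree.

    msg.walk() visits nested multipart/alternative and multipart/mixed
    containers, so HTML hidden below the top level is still inspected.
    """
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            yield part.get_content()  # transfer-encoding already undone


def scan_html(body):
    """Return the sorted names of active-content patterns found in one body."""
    return sorted(name for name, rx in ACTIVE_CONTENT_PATTERNS.items()
                  if rx.search(body))


def scan_message(raw):
    """Parse a raw RFC 5322 message (bytes) and report findings per HTML part."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    findings = []
    for idx, body in enumerate(html_parts(msg)):
        hits = scan_html(body)
        if hits:
            findings.append({"part": idx, "hits": hits})
    return findings


def build_sample(html_body):
    """Build a constructed multipart/alternative message carrying html_body."""
    msg = EmailMessage()
    msg["From"] = "sender@example.invalid"      # constructed address
    msg["To"] = "recipient@example.invalid"     # constructed address
    msg["Subject"] = "Constructed sample message"
    msg.set_content("Plain-text fallback.")
    msg.add_alternative(html_body, subtype="html")
    return msg.as_bytes()


# Constructed sample bodies: one benign, one carrying active content.
BENIGN_HTML = ("<html><body><p>Quarterly report attached. See "
               "<a href=\"https://example.invalid/report\">the portal</a>."
               "</p></body></html>")

ACTIVE_HTML = ("<html><body><p>Please review the attached invoice.</p>"
               "<script>/* constructed placeholder: any inline script "
               "counts as active content */</script>"
               "<a href=\"javascript:void(0)\">Open</a></body></html>")

if __name__ == "__main__":
    for label, body in (("benign", BENIGN_HTML), ("active", ACTIVE_HTML)):
        print(label, scan_message(build_sample(body)))
```

A gateway acting on this result would quarantine or strip the offending part rather than deliver it; the scan deliberately works on the decoded body, so base64 or quoted-printable transfer encoding does not hide the content from the check.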
In order for the protection to be activated, update your VPN-1 product to the latest SmartDefense update. For information on how to update SmartDefense, go to SBP-2006-05, open the Protection tab and select the version of your choice.
To configure the defense, select your product from the list below and follow the related protection steps.