Vulnerability

Microsoft Exchange URL Redirection Vulnerability (CVE-2014-6336)

Publish date: July 21, 2015

SEVERITY

LOW

//  ADVISORY DATE

  


DESCRIPTION

Outlook Web App (OWA) in Microsoft Exchange Server 2013 SP1 and Cumulative Update 6 does not properly validate redirection tokens, which allows remote attackers to redirect users to arbitrary web sites and spoof the origin of e-mail messages via unspecified vectors, aka "Exchange URL Redirection Vulnerability."

TREND MICRO PROTECTION INFORMATION

Apply associated Trend Micro DPI Rules.

SOLUTION

Trend Micro Deep Security DPI Rule Number: 1006346

Featured Stories

Connect with us on