Microsoft Exchange URL Redirection Vulnerability (CVE-2014-6336)
Publish Date: 21 de lipca de 2015
Severity: : Low
Advisory Date: 21 de lipca de 2015
DESCRIPTION
Outlook Web App (OWA) in Microsoft Exchange Server 2013 SP1 and Cumulative Update 6 does not properly validate redirection tokens, which allows remote attackers to redirect users to arbitrary web sites and spoof the origin of e-mail messages via unspecified vectors, aka "Exchange URL Redirection Vulnerability."
INFORMATION EXPOSURE
Apply associated Trend Micro DPI Rules.
SOLUTION
Trend Micro Deep Security DPI Rule Number: 1006346