NVD

Id
16648  
Name
CVE-2016-0138  
Description
Microsoft Exchange Server 2007 SP3, 2010 SP3, 2013 SP1, 2013 Cumulative Update 12, 2013 Cumulative Update 13, 2016 Cumulative Update 1, and 2016 Cumulative Update 2 misparses e-mail messages, which allows remote authenticated users to obtain sensitive Outlook application information by leveraging the Send As right, aka "Microsoft Exchange Information Disclosure Vulnerability."  
Reject
 
CVSS Version
2  
CVSS Score
4  
Severity
Medium  
CVSS Base Score
4  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8  
CVSS Vector
(AV:N/AC:L/Au:S/C:P/I:N/A:N)  
Pub Date
2017-01-19  
Published
2016-09-14  
Modified Date
2016-11-28  
Seq
2016-0138  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
92919 16648 CVE-2016-0138 MS16-108  View
92920 16648 CVE-2016-0138 92806  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
3930 JVNDB-2016-004703 Microsoft Exchange Server における重要な Outlook アプリケーション情報を取得される脆弱性 Microsoft Exchange Server は、電子メールメッセージを誤って解析するため、重要な Outlook アプリケーション情報を取得される脆弱性が存在します。 CVE-2016-0138 86342 CVE-2016-0138 16648 4 4.3 http://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-004703.html 2016-09-13 2016-09-15 View