MS.Exchange.Server.Base64.MIME.Message.Code.Execution
Description
This indicates an attack attempt against a heap-overrun vulnerability in Microsoft Exchange Server.
The vulnerability is caused by improper decoding of some specially crafted email messages. A remote attacker could exploit this vulnerability by sending crafted base64-encoded MIME email message to execute arbitrary code using the privileges of the currently logged on user.
Affected Products
Microsoft Exchange Server 2007 0
Microsoft Exchange Server 2003 SP2
Microsoft Exchange Server 2003 SP1
Microsoft Exchange Server 2003
Microsoft Exchange Server 2000 SP3
Microsoft Exchange Server 2000 SP2
Microsoft Exchange Server 2000 SP1
Microsoft Exchange Server 2000
Avaya Messaging Application Server MM 3.1
Avaya Messaging Application Server MM 3.0
Avaya Messaging Application Server MM 2.0
Avaya Messaging Application Server 0
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply patch, available from the web site:
http://www.microsoft.com/technet/security/Bulletin/ms07-026.mspx
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |