virus logo Intrusion Prevention

MS.Exchange.Server.Base64.MIME.Message.Code.Execution

description-logoDescription

This indicates an attack attempt against a heap-overrun vulnerability in Microsoft Exchange Server.
The vulnerability is caused by improper decoding of some specially crafted email messages. A remote attacker could exploit this vulnerability by sending crafted base64-encoded MIME email message to execute arbitrary code using the privileges of the currently logged on user.

affected-products-logoAffected Products

Microsoft Exchange Server 2007 0
Microsoft Exchange Server 2003 SP2
Microsoft Exchange Server 2003 SP1
Microsoft Exchange Server 2003
Microsoft Exchange Server 2000 SP3
Microsoft Exchange Server 2000 SP2
Microsoft Exchange Server 2000 SP1
Microsoft Exchange Server 2000
Avaya Messaging Application Server MM 3.1
Avaya Messaging Application Server MM 3.0
Avaya Messaging Application Server MM 2.0
Avaya Messaging Application Server 0

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Apply patch, available from the web site:
http://www.microsoft.com/technet/security/Bulletin/ms07-026.mspx

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)
ID 14575
Created May 22, 2007
Updated Nov 09, 2021
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon
CVE ID CVE-2007-0213
Exploit Prediction Score 96.82%
Default Action drop
Active
Affected OS Windows
Affected App MS_Exchange