This indicates an attempt to exploit a cross-site scripting (XSS) vulnerability in the Outlook Web Access (OWA) for Exchange Server.
The vulnerability is a result of incorrectly parsing HTML when opening mail from within OWA. As a result, a remote attacker could run scripts in the security context of the user's OWA session.
Microsoft Exchange Server 2003 SP1 and SP2
Microsoft Exchange Server 2007 and SP1.
System Compromise: Remote attackers can gain control of vulnerable systems.
Apply patch, available from the web site.