vulnerability
MS16-010: Security Update in Microsoft Exchange Server to Address Spoofing (3124557)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:M/Au:N/C:N/I:P/A:N) | Jan 12, 2016 | Jan 12, 2016 | Jul 28, 2025 |
Severity
4
CVSS
(AV:N/AC:M/Au:N/C:N/I:P/A:N)
Published
Jan 12, 2016
Added
Jan 12, 2016
Modified
Jul 28, 2025
Description
Multiple spoofing vulnerabilities exist in Microsoft Exchange Server when Outlook Web Access (OWA) fails to properly handle web requests. An attacker who successfully exploited the vulnerabilities could perform script or content injection attacks, and attempt to trick the user into disclosing sensitive information. An attacker could also redirect the user to a malicious website that could spoof content or be used as a pivot to chain an attack with other vulnerabilities in web services.
Solutions
WINDOWS-HOTFIX-MS16-010-ab13c720-a522-4cc3-889a-7b0c715fd876WINDOWS-HOTFIX-MS16-010-bbc6fc20-e748-4533-b78a-3bc168fa8044WINDOWS-HOTFIX-MS16-010-ef799cce-e493-4f6f-bcd1-6f675e4e224b
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.