Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-0340


Vulnerability Score 7.5 7.5
CVE Id CVE-2001-0340
Last Modified 05 Sep 2008 04:23:52
Published 21 Jul 2001 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



An interaction between the Outlook Web Access (OWA) service in Microsoft Exchange 2000 Server and Internet Explorer allows attackers to execute malicious script code against a user's mailbox via a message attachment that contains HTML code, which is executed automatically.

Vulnerable Systems


  • Microsoft Exchange Server 2000

  • Microsoft Exchange Server 5.5


MS - MS01-030

XF - exchange-owa-script-execution(6652)

CIAC - L-091

Last Updated: 27 May 2016 10:36:14