certfr_avis - certa-2005-avi-108

CERTA-2005-AVI-108

Vulnerability from certfr_avis

None

Description

Lorsque l'on essaie de déplacer ou de supprimer un dossier qui contient une arborescence importante de sous-dossiers dans Microsoft Outlook, il est possible que le service de banque d'informations de Microsoft Exchange (store.exe) cesse de répondre.

Cette vulnérabilité peut être exploitée par un utilisateur mal intentionné pour créer un déni de service.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention du correctif (CF. Documentation)

None

Impacted products

	Vendor	Product	Description
	Microsoft	N/A	Microsoft Exchange Server 2003 Standard Edition ;
	Microsoft	N/A	Microsoft Exchange Server 2003 Enterprise Edition.

References

Title

Publication Time

Tags

Bulletin de sécurité Secunia SA14543	None	vendor-advisory
Avis de sécurité Microsoft	-	other
Avis de sécurité Secunia SA14543	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Microsoft Exchange Server 2003 Standard Edition ;",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Exchange Server 2003 Enterprise Edition.",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Description\n\nLorsque l\u0027on essaie de d\u00e9placer ou de supprimer un dossier qui contient\nune arborescence importante de sous-dossiers dans Microsoft Outlook, il\nest possible que le service de banque d\u0027informations de Microsoft\nExchange (store.exe) cesse de r\u00e9pondre.\n\nCette vuln\u00e9rabilit\u00e9 peut \u00eatre exploit\u00e9e par un utilisateur mal\nintentionn\u00e9 pour cr\u00e9er un d\u00e9ni de service.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention du\ncorrectif (CF. Documentation)\n",
  "cves": [],
  "initial_release_date": "2005-03-14T00:00:00",
  "last_revision_date": "2005-03-14T00:00:00",
  "links": [
    {
      "title": "Avis de s\u00e9curit\u00e9 Microsoft",
      "url": "http://support.microsoft.com/?kbid=891504"
    },
    {
      "title": "Avis de s\u00e9curit\u00e9 Secunia SA14543",
      "url": "http://secunia.com/advisories/14543"
    }
  ],
  "reference": "CERTA-2005-AVI-108",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2005-03-14T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service"
    }
  ],
  "summary": null,
  "title": "Vuln\u00e9rabilit\u00e9 de Microsoft Exchange Server 2003",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Secunia SA14543",
      "url": null
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted