Cross-site Request Forgery Vulnerability in Microsoft Outlook Web Access 2007
CVE-2010-3213

Currently unrated

Key Information:

Vendor: Microsoft
Status: Outlook Web Access
Vendor: CVE Published:; 7 September 2010

Summary

A cross-site request forgery (CSRF) vulnerability in Microsoft Outlook Web Access 2007, including SP2, can allow remote attackers to hijack user authentication. This vulnerability facilitates unauthorized Outlook requests, such as the ability to set auto-forward rules without the user's consent, leading to potential data leakage and privacy breaches.

References

http://www.securityfocus.com/bid/41462

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/60164

vdb-entryx_refsource_XF

http://sites.google.com/site/tentacoloviola/pwning-corpor...

x_refsource_MISC

Timeline

Vulnerability published
Sep 7, 2010
Vulnerability Reserved
Sep 3, 2010