8 lines
No EOL
587 B
Text
8 lines
No EOL
587 B
Text
source: https://www.securityfocus.com/bid/12459/info
|
|
|
|
A remote URI-redirection vulnerability affects Microsoft Outlook Web Access. This issue occurs because the application fails to properly sanitize URI-supplied data.
|
|
|
|
An attacker may leverage this issue to carry out convincing phishing attacks against unsuspecting users by causing an arbitrary page to be loaded when the Microsoft Outlook Web Access login form is submitted.
|
|
|
|
https://owa.example.com/exchweb/bin/auth/owalogon.asp?url=http://www.example.net
|
|
https://owa.example.com/exchweb/bin/auth/owalogon.asp?url=http://3221234342/ |