Welcome to the Virus Encyclopedia of Panda Security.
|Alias:||Vulnerability in Microsoft Exchange Server Running Outlook Web Access|
It is an important vulnerability in Outlook Web Access, which is a service of Exchange Server. It allows hackers to access to any data on the Outlook Web Access server that was accessible to the user under attack.
|First detected on:||June 14, 2006|
|Detection updated on:||June 14, 2006|
MS06-029 is not categorized as virus, worm, Trojan or backdoor. It is an important vulnerability in Outlook Web Access, which is a service of Exchange Server. Affected versions are Exchange Server 2000/2003. This vulnerability allows hackers to access to any data on the Outlook Web Access server that was accessible to the user under attack.
If exploited successfully, MS06-029 allows a script to take the following actions on the user's computer, among others: monitor the web session, forward information to a third party, run other code and read or write cookies.
In order to exploit this vulnerability, the attacking user must send a specially crafted email message, and then entice users into opening it by using Outlook Web Access.
If you have a server with Exchange Server 2000/2003 installed, it is recommended to download and apply the security patch for this vulnerability. Click here to access the web page for downloading the patch.