CyberSec.Space Logo
Back to CVE Browser

CVE-2009-0099

MEDIUM
5.0
CVSS Severity Score
EPSS Score0.0460%
EPSS Percentile43.75th
PublishedFeb 10, 2009
Last ModifiedApr 23, 2026

Vulnerability Description

The Electronic Messaging System Microsoft Data Base (EMSMDB32) provider in Microsoft Exchange 2000 Server SP3 and Exchange Server 2003 SP2, as used in Exchange System Attendant, allows remote attackers to cause a denial of service (application outage) via a malformed MAPI command, aka "Literal Processing Vulnerability."

Affected Platforms (CPE)

πŸ“¦
Microsoft

Exchange Server

= 2000
πŸ“¦
Microsoft

Exchange Server

= 2003
πŸ“¦
Microsoft

Exchange Server

= 2007

References & Advisories

πŸ”— http://osvdb.org/51838
πŸ”— http://secunia.com/advisories/33838
πŸ”— http://www.us-cert.gov/cas/techalerts/TA09-041A.html
πŸ”— https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-003
πŸ”— https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6159
πŸ”— http://osvdb.org/51838
πŸ”— http://secunia.com/advisories/33838
πŸ”— http://www.us-cert.gov/cas/techalerts/TA09-041A.html

Related Vulnerabilities

CVE-2004-084010.0

The SMTP (Simple Mail Transfer Protocol) component of Microsoft Windows XP 64-bit Edition, Windows Server 2003, Windows Server 200...

CVE-2006-662710.0

Integer overflow in the packed PE file parsing implementation in BitDefender products before 20060829, including Antivirus, Antivi...

CVE-2004-057410.0

The Network News Transfer Protocol (NNTP) component of Microsoft Windows NT Server 4.0, Windows 2000 Server, Windows Server 2003, ...

CVE-2007-021310.0

Microsoft Exchange Server 2000 SP3, 2003 SP1 and SP2, and 2007 does not properly decode certain MIME encoded e-mails, which allows...