CyberSec.Space Logo
CVEブラウザに戻る

CVE-2009-0099

MEDIUM
5.0
CVSS Severity Score
EPSS Score0.0460%
EPSS Percentile43.75th
Published2009年2月10日
Last Modified2026年4月23日

Vulnerability Description

The Electronic Messaging System Microsoft Data Base (EMSMDB32) provider in Microsoft Exchange 2000 Server SP3 and Exchange Server 2003 SP2, as used in Exchange System Attendant, allows remote attackers to cause a denial of service (application outage) via a malformed MAPI command, aka "Literal Processing Vulnerability."

Affected Platforms (CPE)

📦
Microsoft

Exchange Server

= 2000
📦
Microsoft

Exchange Server

= 2003
📦
Microsoft

Exchange Server

= 2007

References & Advisories

🔗 http://osvdb.org/51838
🔗 http://secunia.com/advisories/33838
🔗 http://www.us-cert.gov/cas/techalerts/TA09-041A.html
🔗 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-003
🔗 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6159
🔗 http://osvdb.org/51838
🔗 http://secunia.com/advisories/33838
🔗 http://www.us-cert.gov/cas/techalerts/TA09-041A.html

関連する脆弱性情報

CVE-2004-084010.0

The SMTP (Simple Mail Transfer Protocol) component of Microsoft Windows XP 64-bit Edition, Windows Server 2003, Windows Server 200...

CVE-2006-662710.0

Integer overflow in the packed PE file parsing implementation in BitDefender products before 20060829, including Antivirus, Antivi...

CVE-2004-057410.0

The Network News Transfer Protocol (NNTP) component of Microsoft Windows NT Server 4.0, Windows 2000 Server, Windows Server 2003, ...

CVE-2007-021310.0

Microsoft Exchange Server 2000 SP3, 2003 SP1 and SP2, and 2007 does not properly decode certain MIME encoded e-mails, which allows...