CVE-2005-0420

medium Microsoft
CVSS v3 Base Score
5.8
AV:N/AC:M/Au:N/C:P/I:P/A:N
EPSS Score
74.7%
Exploitation probability in 30 days
Top 1% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
M
Confidentiality
P
Integrity
P
Availability
None
Published: April 27, 2005 (7687 days ago)
Last Modified: April 16, 2026
Vendor: Microsoft
Source: NVD

Description

Microsoft Outlook Web Access (OWA), when used with Exchange, allows remote attackers to redirect users to arbitrary URLs for login via a link to the owalogon.asp application.

CWE

CWE-601

Affected Products

microsoft exchange server

References

🔗 seclists.org 🔗 secunia.com 🔗 www.securityfocus.com 🔗 www.vupen.com 🔗 exchange.xforce.ibmcloud.com