Test ID:	1.3.6.1.4.1.25623.1.0.809314
Category:	Windows : Microsoft Bulletins
Title:	Microsoft Exchange Server Information Disclosure Vulnerabilities (3185883)
Summary:	This host is missing an important security; update according to Microsoft Bulletin MS16-108.
Description:	Summary: This host is missing an important security update according to Microsoft Bulletin MS16-108. Vulnerability Insight: The flaw exists due to the way that Microsoft Exchange Server parses email messages. Vulnerability Impact: Successful exploitation will allow remote an attacker to discover confidential user information that is contained in Microsoft Outlook applications. Affected Software/OS: - Microsoft Exchange Server 2007 Service Pack 3 - Microsoft Exchange Server 2010 Service Pack 3 - Microsoft Exchange Server 2013 Service Pack 1 - Microsoft Exchange Server 2013 Cumulative Update 12 - Microsoft Exchange Server 2013 Cumulative Update 13 - Microsoft Exchange Server 2016 Cumulative Update 1 - Microsoft Exchange Server 2016 Cumulative Update 2 Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 4.0 CVSS Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2016-0138 BugTraq ID: 92806 http://www.securityfocus.com/bid/92806 Microsoft Security Bulletin: MS16-108 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-108 http://www.securitytracker.com/id/1036778
Copyright	Copyright (C) 2016 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.