all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

ZDI-23-1447: Microsoft Exchange ExFileLog Deserialization of Untrusted Data Denial-of-Service Vulnerability

Add to bookmarks
Sept. 19, 2023, 5 a.m. |

ZDI: Published Advisories www.zerodayinitiative.com

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Microsoft Exchange. Authentication is required to exploit this vulnerability.

attackers authentication data deserialization exchange exploit microsoft microsoft exchange service untrusted vulnerability zdi

Visit resource

More from www.zerodayinitiative.com / ZDI: Published Advisories

ZDI-23-1455: Kofax Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability 4 days, 16 hours ago | www.zerodayinitiative.com
attackers disclosure exploit file +14
ZDI-23-1454: Ashlar-Vellum Cobalt AR File Parsing Type Confusion Remote Code Execution Vulnerability 5 days, 16 hours ago | www.zerodayinitiative.com
arbitrary code attackers cobalt code +12
ZDI-23-1453: Ashlar-Vellum Cobalt AR File Parsing Use-After-Free Remote Code Execution Vulnerability 5 days, 16 hours ago | www.zerodayinitiative.com
arbitrary code attackers cobalt code +13
ZDI-23-1452: Ashlar-Vellum Cobalt AR File Parsing Use-After-Free Remote Code Execution Vulnerability 5 days, 16 hours ago | www.zerodayinitiative.com
arbitrary code attackers cobalt code +13
ZDI-23-1450: Ashlar-Vellum Cobalt AR File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability 5 days, 16 hours ago | www.zerodayinitiative.com
arbitrary code attackers cobalt code +12
ZDI-23-1451: Ashlar-Vellum Cobalt AR File Parsing Type Confusion Remote Code Execution Vulnerability 5 days, 16 hours ago | www.zerodayinitiative.com
arbitrary code attackers cobalt code +12
ZDI-23-1449: (0Day) Intel Driver & Support Assistant Link Following Local Privilege Escalation Vulnerability 5 days, 16 hours ago | www.zerodayinitiative.com
0day amp assistant attacker +20
ZDI-23-1446: Microsoft Windows Untrusted Script Execution Remote Code Execution Vulnerability 1 week ago | www.zerodayinitiative.com
arbitrary code attackers code code execution +14
ZDI-23-1447: Microsoft Exchange ExFileLog Deserialization of Untrusted Data Denial-of-Service Vulnerability 1 week ago | www.zerodayinitiative.com
attackers authentication data deserialization +8

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Business Information Security Officer

@ Metrolink | Los Angeles, CA
View on infosec-jobs.com

Senior Security Engineer

@ Freedom of the Press Foundation | Remote, 4 hour time zone overlap with New York City
View on infosec-jobs.com

Security Engineer

@ ChartMogul | Remote, EU
View on infosec-jobs.com

Malware Reverse Engineer

@ Two Six Technologies | Fort Meade, Maryland
View on infosec-jobs.com

SOC Analyst Level 3

@ OpenBet | Bengaluru, India
View on infosec-jobs.com

Course Developer, Network Security

@ Palo Alto Networks | Plano, TX, United States
View on infosec-jobs.com
View more jobs