Vigil@nce - Exchange 2007: Cross Site Request Forgery of OWA
July 2010 by Vigil@nce
This bulletin was written by Vigil@nce: http://vigilance.fr/
SYNTHESIS OF THE VULNERABILITY
An attacker can invite the victim to view a malicious HTML page
while the victim is authenticated to the Exchange OWA webmail, in
order to access the victim's mail account.
Severity: 2/4
Creation date: 08/07/2010
DESCRIPTION OF THE VULNERABILITY
When a user is authenticated to the Exchange OWA webmail, he can
perform configuration operations on his account.
An anti-CSRF (Cross Site Request Forgery) protection should check
that these configuration operations really originate from the
user. However, OWA does not perform these checks.
An attacker can therefore invite the victim to view a malicious
HTML page while the victim is authenticated to the Exchange OWA
webmail, in order to access the victim's mail account.
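As an added illustration (not Exchange or OWA code), the kind of check the bulletin says is missing: a configuration change is accepted only when the request carries a token bound to the authenticated session and any Origin/Referer header names the site itself. The hostname, session and request shapes are assumptions.

```python
import hmac
import secrets
from urllib.parse import urlsplit

# Constructed example hostname of the webmail site (assumption).
SITE_HOST = "mail.example.com"


def issue_token(session: dict) -> str:
    """Create a per-session anti-CSRF token and keep it server-side.

    The token is embedded in the site's own forms; a page on another
    origin cannot read it, so a forged request cannot include it."""
    token = secrets.token_urlsafe(32)
    session["csrf_token"] = token
    return token


def _origin_is_ours(headers: dict) -> bool:
    """True if Origin/Referer is absent or points at SITE_HOST.

    Absence is tolerated only because the token check below still
    applies; a header that names a foreign site is always rejected."""
    value = headers.get("Origin") or headers.get("Referer")
    if value is None:
        return True
    return urlsplit(value).hostname == SITE_HOST


def is_authorized_request(session: dict, headers: dict, form: dict) -> bool:
    """Decide whether a state-changing (configuration) request may proceed."""
    expected = session.get("csrf_token")
    supplied = form.get("csrf_token")
    if not expected or not supplied:
        return False
    # Constant-time comparison so token guessing gets no timing signal.
    if not hmac.compare_digest(expected, supplied):
        return False
    return _origin_is_ours(headers)


if __name__ == "__main__":
    session = {}
    token = issue_token(session)
    same_site = {"Origin": "https://mail.example.com"}
    print("own form  :", is_authorized_request(session, same_site, {"csrf_token": token}))
    print("no token  :", is_authorized_request(session, same_site, {}))
```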
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Exchange-2007-Cross-Site-Request-Forgery-of-OWA-9748