Security 10748 Published by

A security vulnerability exists in Exchange 2000 Outlook Web Access, because it will accept and process a request for an item in an authenticated user's mailbox without verifying first that the folder structure is valid. An attacker could mount a denial of service attack by repeatedly levying a request for a non-existent but deeply nested folder in his own mailbox.

Read more