Microsoft_Outlook_Web_Access_Login_URL_Redirection_attack

Strike ID:
G05-3bo01
CVSS:
7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
False Positive:
f
Variants:
1
Year:
2005

Description

A flaw exists in the way Microsoft Outlook Web Access (OWA) handles HTTP request parameters. A login request submitted with specially crafted parameters can redirect the user to an arbitrary web site. An attacker could leverage this to spoof a trusted site and harvest user credentials. The vulnerability does not compromise the OWA component or the Exchange server directly: when a user is enticed to follow a malicious link, the login form returned by the OWA server incorporates content from the site named in the link's url parameter, so the user's login credentials and any other information entered into that form are sent to the attacker-chosen site instead of to OWA. The practical check is therefore on the redirect target itself: a login page must only accept a url value that stays on its own origin, and requests carrying an external target should be treated as phishing attempts.
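The validator and detection check a practitioner would want for this class of bug, as an added example that is not part of the strike page and not Microsoft's code. It assumes a hostname (owa.example.com), an OWA 2003-style logon path (/exchweb/bin/auth/owalogon.asp) and a simplified log line layout; only the parameter name url comes from the description above, and every log line is constructed for illustration.

```python
"""Added example: reject attacker-controlled redirect targets on a login page and
flag logon requests whose redirect parameter points off-host. All hostnames,
paths and log lines below are constructed; they are not from the strike page."""
from urllib.parse import parse_qs, unquote, urlsplit

OWA_HOST = "owa.example.com"                    # assumed OWA front-end hostname
LOGIN_PATH = "/exchweb/bin/auth/owalogon.asp"   # assumed OWA 2003 logon path
REDIRECT_PARAM = "url"                          # parameter named in the description


def is_safe_redirect(target, own_host=OWA_HOST):
    """Return True only if `target` keeps the user on our own origin.

    Rejects absolute URLs to other hosts, protocol-relative '//evil',
    backslash variants such as '/\\evil' that browsers normalise to '//evil',
    non-http schemes like 'javascript:', userinfo tricks ('http://owa@evil'),
    and percent-encoded spellings of any of these. The value is decoded once
    more defensively, so an already-decoded input is treated conservatively.
    """
    t = unquote(target).strip()
    if t.startswith(("//", "/\\", "\\\\", "\\/")):
        return False
    parts = urlsplit(t)
    if parts.scheme:
        if parts.scheme.lower() not in ("http", "https"):
            return False
        # .hostname is the part after any user@ and is already lowercased
        return (parts.hostname or "") == own_host.lower()
    if parts.netloc:
        return False
    # Otherwise only a path-absolute reference on our own origin is acceptable
    return t.startswith("/")


# Constructed log lines (not real captures): method, path, query-or-dash, client IP
SAMPLE_LOG = [
    "GET /exchweb/bin/auth/owalogon.asp url=/exchange/ 10.0.0.5",
    "GET /exchweb/bin/auth/owalogon.asp url=http://owa.example.com/exchange/ 10.0.0.6",
    "GET /exchweb/bin/auth/owalogon.asp url=http://phish.example/owa/ 198.51.100.7",
    "GET /exchweb/bin/auth/owalogon.asp url=%2F%2Fphish.example%2F 198.51.100.7",
    "GET /exchange/ - 10.0.0.5",
]


def find_redirect_abuse(lines, own_host=OWA_HOST):
    """Return (client_ip, target) for logon requests whose redirect leaves our host."""
    hits = []
    for line in lines:
        method, path, query, client = line.split(" ", 3)
        if path.lower() != LOGIN_PATH or query == "-":
            continue
        # parse_qs percent-decodes the value, so encoded '//' is caught as well
        for target in parse_qs(query).get(REDIRECT_PARAM, []):
            if not is_safe_redirect(target, own_host):
                hits.append((client, target))
    return hits


if __name__ == "__main__":
    for client, target in find_redirect_abuse(SAMPLE_LOG):
        print(f"suspicious logon redirect from {client}: {target!r}")
```

The server-side fix is the validator: a login handler that applies is_safe_redirect to the url value and falls back to a fixed post-login path on failure never sends a user to an attacker's host. The log scan is the corresponding detection; run against real logs it would need the field layout of the actual web server format rather than the simplified one constructed here.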

CVE

References

Bid