Bogdan Materna

**Name of the Vulnerable Software and Affected Versions** Microsoft Exchange 2000 Server SP3 Microsoft Exchange Server 2003 SP2 **Description** A denial of service issue exists due to the way the Electronic Messaging System Microsoft Data Base (EMSMDB32) provider handles invalid MAPI commands. An attacker could exploit this by sending a specially crafted MAPI command, potentially causing the application to stop responding. This issue affects the Microsoft Exchange System Attendant, a core service in Microsoft Exchange responsible for various maintenance functions. **Recommendations** For Microsoft Exchange 2000 Server SP3, update to a version that includes the fix for the Literal Processing Vulnerability. For Microsoft Exchange Server 2003 SP2, update to a version that includes the fix for the Literal Processing Vulnerability. As a temporary workaround, consider restricting access to the EMSMDB32 provider until a patch is available.