Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2004-0639
Description:Multiple cross-site scripting (XSS) vulnerabilities in Squirrelmail 1.2.10 and earlier allow remote attackers to inject arbitrary HTML or script via (1) the $mailer variable in read_body.php, (2) the $senderNames_part variable in mailbox_display.php, and possibly other vectors including (3) the $event_title variable or (4) the $event_text variable.
Test IDs: 1.3.6.1.4.1.25623.1.0.53225   1.3.6.1.4.1.25623.1.0.14217  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2004-0639
BugTraq ID: 10450
http://www.securityfocus.com/bid/10450
Bugtraq: 20040530 RS-2004-1: SquirrelMail "Content-Type" XSS vulnerability (Google Search)
http://marc.info/?l=bugtraq&m=108611554415078&w=2
Conectiva Linux advisory: CLA-2004:858
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000858
Debian Security Information: DSA-535 (Google Search)
http://www.debian.org/security/2004/dsa-535
http://www.rs-labs.com/adv/RS-Labs-Advisory-2004-1.txt
XForce ISS Database: squirrelmail-from-header-xss(16285)
https://exchange.xforce.ibmcloud.com/vulnerabilities/16285




© 1998-2024 E-Soft Inc. All rights reserved.