English | Deutsch | Español | Português
 UserID:
 Passwd:
new user
 About:   Dedicated  | Advanced  | Standard  | Recurring  | No Risk  | Desktop  | Basic  | Single  | Security Seal  | FAQ
  Price/Feature Summary  | Order  | New Vulnerabilities  | Confidentiality  | Vulnerability Search
 Vulnerability   
Search   
    Search 75096 CVE descriptions
and 39644 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2006-6142
Description:Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.0 through 1.4.9 allow remote attackers to inject arbitrary web script or HTML via the (1) mailto parameter in (a) webmail.php, the (2) session and (3) delete_draft parameters in (b) compose.php, and (4) unspecified vectors involving "a shortcoming in the magicHTML filter."
Test IDs: 1.3.6.1.4.1.25623.1.0.57749   1.3.6.1.4.1.25623.1.0.59533   1.3.6.1.4.1.25623.1.0.59454   1.3.6.1.4.1.25623.1.0.59455   1.3.6.1.4.1.25623.1.0.62262   1.3.6.1.4.1.25623.1.0.57816   1.3.6.1.4.1.25623.1.0.57705  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2006-6142
http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
Debian Security Information: DSA-1241 (Google Search)
http://www.debian.org/security/2006/dsa-1241
http://fedoranews.org/cms/node/2438
http://fedoranews.org/cms/node/2439
http://www.mandriva.com/security/advisories?name=MDKSA-2006:226
RedHat Security Advisories: RHSA-2007:0022
http://www.redhat.com/support/errata/RHSA-2007-0022.html
SGI Security Advisory: 20070201-01-P
ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc
SuSE Security Announcement: SUSE-SR:2006:029 (Google Search)
http://www.novell.com/linux/security/advisories/2006_29_sr.html
SuSE Security Announcement: SUSE-SR:2007:004 (Google Search)
http://www.novell.com/linux/security/advisories/2007_4_sr.html
BugTraq ID: 21414
http://www.securityfocus.com/bid/21414
BugTraq ID: 25159
http://www.securityfocus.com/bid/25159
http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:9988
http://www.vupen.com/english/advisories/2006/4828
http://www.vupen.com/english/advisories/2007/2732
http://securitytracker.com/id?1017327
http://secunia.com/advisories/23195
http://secunia.com/advisories/23322
http://secunia.com/advisories/23409
http://secunia.com/advisories/23504
http://secunia.com/advisories/23811
http://secunia.com/advisories/24004
http://secunia.com/advisories/24284
http://secunia.com/advisories/26235
XForce ISS Database: squirrelmail-mimeheader-xss(30695)
http://xforce.iss.net/xforce/xfdb/30695
XForce ISS Database: squirrelmail-webmail-compose-xss(30693)
http://xforce.iss.net/xforce/xfdb/30693
XForce ISS Database: squirrelmail-magichtml-messages-xss(30694)
http://xforce.iss.net/xforce/xfdb/30694

New User Registration
Email:
UserID:
Passwd:
Please email me your monthly newsletters, informing the latest services, improvements & surveys.
Please email me a vulnerability test announcement whenever a new test is added.
   Privacy
Registered User Login
 
UserID:   
Passwd:  

 Forgot userid or passwd?
Email/Userid:




Home | About Us | Contact Us | Partner Programs | Privacy | Mailing Lists | Abuse
Security Audits | Managed DNS | Network Monitoring | Site Analyzer | Internet Research Reports
Web Probe | Whois

© 1998-2014 E-Soft Inc. All rights reserved.