Описание
The parseAddress code in (1) SquirrelMail 1.4.0 and (2) GPG Plugin 1.1 allows remote attackers to execute commands via shell metacharacters in the "To:" field.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| squirrelmail | fixed | 1.4.2 | package |
Примечания
Only potentially exploitable withexternel GPG Plugin, see
http://www.securityfocus.com/archive/1/348366
The potential problems have been fixed as of 1.4.2
EPSS
Процентиль: 99%
0.78049
Высокий
Связанные уязвимости
nvd
больше 21 года назад
The parseAddress code in (1) SquirrelMail 1.4.0 and (2) GPG Plugin 1.1 allows remote attackers to execute commands via shell metacharacters in the "To:" field.
github
больше 3 лет назад
The parseAddress code in (1) SquirrelMail 1.4.0 and (2) GPG Plugin 1.1 allows remote attackers to execute commands via shell metacharacters in the "To:" field.
EPSS
Процентиль: 99%
0.78049
Высокий