Описание
Dynamic variable evaluation vulnerability in compose.php in SquirrelMail 1.4.0 to 1.4.7 allows remote attackers to overwrite arbitrary program variables and read or write the attachments and preferences of other users.
Dynamic variable evaluation vulnerability in compose.php in SquirrelMail 1.4.0 to 1.4.7 allows remote attackers to overwrite arbitrary program variables and read or write the attachments and preferences of other users.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2006-4019
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28365
- https://issues.rpath.com/browse/RPL-577
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11533
- http://attrition.org/pipermail/vim/2006-August/000970.html
- http://docs.info.apple.com/article.html?artnum=306172
- http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
- http://marc.info/?l=full-disclosure&m=115532449024178&w=2
- http://secunia.com/advisories/21354
- http://secunia.com/advisories/21444
- http://secunia.com/advisories/21586
- http://secunia.com/advisories/22080
- http://secunia.com/advisories/22104
- http://secunia.com/advisories/22487
- http://secunia.com/advisories/26235
- http://securitytracker.com/id?1016689
- http://www.debian.org/security/2006/dsa-1154
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:147
- http://www.novell.com/linux/security/advisories/2006_23_sr.html
- http://www.osvdb.org/27917
- http://www.redhat.com/support/errata/RHSA-2006-0668.html
- http://www.securityfocus.com/archive/1/442980/100/0/threaded
- http://www.securityfocus.com/archive/1/442993/100/0/threaded
- http://www.securityfocus.com/bid/19486
- http://www.securityfocus.com/bid/25159
- http://www.squirrelmail.org/patches/sqm1.4.7-expired-post-fix-full.patch
- http://www.squirrelmail.org/security/issue/2006-08-11
- http://www.vupen.com/english/advisories/2006/3271
- http://www.vupen.com/english/advisories/2007/2732
EPSS
CVE ID
Связанные уязвимости
Dynamic variable evaluation vulnerability in compose.php in SquirrelMail 1.4.0 to 1.4.7 allows remote attackers to overwrite arbitrary program variables and read or write the attachments and preferences of other users.
Dynamic variable evaluation vulnerability in compose.php in SquirrelMail 1.4.0 to 1.4.7 allows remote attackers to overwrite arbitrary program variables and read or write the attachments and preferences of other users.
Dynamic variable evaluation vulnerability in compose.php in SquirrelMail 1.4.0 to 1.4.7 allows remote attackers to overwrite arbitrary program variables and read or write the attachments and preferences of other users.
Dynamic variable evaluation vulnerability in compose.php in SquirrelMa ...
EPSS