CVE-2002-1132

Опубликовано: 04 окт. 2002

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

SquirrelMail 1.2.7 and earlier allows remote attackers to determine the absolute pathname of the options.php script via a malformed optpage file argument, which generates an error message when the file cannot be included in the script.

Ссылки

http://archives.neohapsis.com/archives/bugtraq/2002-09/0246.html
Exploit
Vendor Advisory
http://www.debian.org/security/2002/dsa-191
Patch
Vendor Advisory
http://www.iss.net/security_center/static/10345.php
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2002-204.html
http://www.securityfocus.com/bid/5949
http://archives.neohapsis.com/archives/bugtraq/2002-09/0246.html
Exploit
Vendor Advisory
http://www.debian.org/security/2002/dsa-191
Patch
Vendor Advisory
http://www.iss.net/security_center/static/10345.php
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2002-204.html
http://www.securityfocus.com/bid/5949

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:squirrelmail:squirrelmail:*:*:*:*:*:*:*:*

Версия до 1.2.7 (включая)

EPSS

Процентиль: 69%

0.00619

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

CVE-2002-1132

redhat

почти 23 года назад

CVE-2002-1132

debian

больше 22 лет назад

SquirrelMail 1.2.7 and earlier allows remote attackers to determine th ...

GHSA-pq33-gcvg-vm8r

github

около 3 лет назад

EPSS

Процентиль: 69%

0.00619

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other