Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2007-0358

Опубликовано: 17 мая 2007
Источник: oracle-oval
Платформа: Oracle Linux 5

Описание

ELSA-2007-0358: Moderate: squirrelmail security update (MODERATE)

[1.4.8-4.0.1.el4.0.1]

  • remove banners

[1.4.8-4.0.1]

  • resolves: #239650: CVE-2007-1262 squirrelmail cross-site scripting flaw

Обновленные пакеты

Oracle Linux 5

Oracle Linux x86_64

squirrelmail

1.4.8-4.0.1.el5.0.1

Oracle Linux i386

squirrelmail

1.4.8-4.0.1.el5.0.1

Связанные CVE

Связанные уязвимости

ubuntu
около 18 лет назад

Cross-site request forgery (CSRF) vulnerability in compose.php in SquirrelMail 1.4.0 through 1.4.9a allows remote attackers to send e-mails from arbitrary users via certain data in the SRC attribute of an IMG element.

redhat
около 18 лет назад

Cross-site request forgery (CSRF) vulnerability in compose.php in SquirrelMail 1.4.0 through 1.4.9a allows remote attackers to send e-mails from arbitrary users via certain data in the SRC attribute of an IMG element.

nvd
около 18 лет назад

Cross-site request forgery (CSRF) vulnerability in compose.php in SquirrelMail 1.4.0 through 1.4.9a allows remote attackers to send e-mails from arbitrary users via certain data in the SRC attribute of an IMG element.

debian
около 18 лет назад

Cross-site request forgery (CSRF) vulnerability in compose.php in Squi ...

ubuntu
около 18 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in the HTML filter in SquirrelMail 1.4.0 through 1.4.9a allow remote attackers to inject arbitrary web script or HTML via the (1) data: URI in an HTML e-mail attachment or (2) various non-ASCII character sets that are not properly filtered when viewed with Microsoft Internet Explorer.