Lucene search
MitreCVE-2002-0516HistoryApr 02, 2003 - 5:00 a.m.
CVE-2002-0516
2003-04-0205:00:00
mitre
web.nvd.nist.gov
35
cve-2002-0516
squirrelmail
authenticated user
arbitrary command
cookie modification.
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
7.6
Confidence
High
EPSS
0.024
Percentile
90.2%
SquirrelMail 1.2.5 and earlier allows authenticated SquirrelMail users to execute arbitrary commands by modifying the THEME variable in a cookie.
Affected configurations
Node
squirrelmailsquirrelmailMatch1.2.0
ORsquirrelmailsquirrelmailMatch1.2.1
ORsquirrelmailsquirrelmailMatch1.2.2
ORsquirrelmailsquirrelmailMatch1.2.3
ORsquirrelmailsquirrelmailMatch1.2.4
ORsquirrelmailsquirrelmailMatch1.2.5
| Vendor | Product | Version | CPE |
|---|---|---|---|
| squirrelmail | squirrelmail | 1.2.0 | cpe:2.3:a:squirrelmail:squirrelmail:1.2.0:*:*:*:*:*:*:* |
| squirrelmail | squirrelmail | 1.2.1 | cpe:2.3:a:squirrelmail:squirrelmail:1.2.1:*:*:*:*:*:*:* |
| squirrelmail | squirrelmail | 1.2.2 | cpe:2.3:a:squirrelmail:squirrelmail:1.2.2:*:*:*:*:*:*:* |
| squirrelmail | squirrelmail | 1.2.3 | cpe:2.3:a:squirrelmail:squirrelmail:1.2.3:*:*:*:*:*:*:* |
| squirrelmail | squirrelmail | 1.2.4 | cpe:2.3:a:squirrelmail:squirrelmail:1.2.4:*:*:*:*:*:*:* |
| squirrelmail | squirrelmail | 1.2.5 | cpe:2.3:a:squirrelmail:squirrelmail:1.2.5:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2002-0516
2003-04-02 05:00:00
exploitdb
exploitdb
SquirrelMail 1.2.x - Theme Remote Command Execution
2002-03-28 00:00:00
nvd
nvd
CVE-2002-0516
2002-08-12 04:00:00
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
7.6
Confidence
High
EPSS
0.024
Percentile
90.2%
Related for CVE-2002-0516