Lucene search
GoogleOSV:DSA-199HistoryNov 19, 2002 - 12:00 a.m.
mhonarc - cross site scripting
2002-11-1900:00:00
Google
osv.dev
5
EPSS
0.015
Percentile
86.8%
Steven Christey discovered a cross site scripting vulnerability in
mhonarc, a mail to HTML converter. Carefully crafted message headers
can introduce cross site scripting when mhonarc is configured to
display all headers lines on the web. However, it is often useful to
restrict the displayed header lines to To, From and Subject, in which
case the vulnerability cannot be exploited.
This problem has been fixed in version 2.5.2-1.2 for the current
stable distribution (woody), in version 2.4.4-1.2 for the old stable
distribution (potato) and in version 2.5.13-1 for the unstable
distribution (sid).
We recommend that you upgrade your mhonarc package.
References
Related
debian
debian
[SECURITY] [DSA 199-1] New mhonarc packages fix cross site scripting
2002-11-19 15:15:07
[SECURITY] [DSA 199-1] New mhonarc packages fix cross site scripting
2002-11-19 15:15:07
nvd
nvd
CVE-2002-1307
2002-11-29 05:00:00
openvas
openvas
Debian Security Advisory DSA 199-1 (mhonarc)
2008-01-17 00:00:00
Debian Security Advisory DSA 199-1 (mhonarc)
2008-01-17 00:00:00
debiancve
debiancve
CVE-2002-1307
2004-09-01 04:00:00
nessus
nessus
Debian DSA-199-1 : mhonarc - XSS
2004-09-29 00:00:00
cvelist
cvelist
CVE-2002-1307
2004-09-01 04:00:00
cve
cve
CVE-2002-1307
2004-09-01 04:00:00
securityvulns
securityvulns
[SECURITY] [DSA 199-1] New mhonarc packages fix cross site scripting
2002-11-20 00:00:00