SquirrelMail with MSIE Unspecified Non-ASCII Character Set XSS

ID OSVDB:35888
Type osvdb
Reporter OSVDB
Modified 2007-05-09T06:18:23


Solution Description

Upgrade to version 1.4.10 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.


Vendor Specific Advisory URL Secunia Advisory ID:25787 Secunia Advisory ID:25236 Secunia Advisory ID:25690 Secunia Advisory ID:26235 Secunia Advisory ID:25320 Secunia Advisory ID:25391 Secunia Advisory ID:25200 Related OSVDB ID: 35889 Related OSVDB ID: 35887 RedHat RHSA: RHSA-2007:0358 Other Advisory URL: http://www.us.debian.org/security/2007/dsa-1290 Other Advisory URL: ftp://patches.sgi.com/support/free/security/advisories/20070502-01-P.asc Other Advisory URL: http://www.novell.com/linux/security/advisories/2007_13_sr.html Other Advisory URL: http://www.squirrelmail.org/security/issue/2007-05-09 Other Advisory URL: http://lists.rpath.com/pipermail/security-announce/2007-June/000199.html Other Advisory URL: http://docs.info.apple.com/article.html?artnum=306172 CVE-2007-1262