Lucene search
K

11 matches found

Tenable Nessus
Tenable Nessus
added 2012/08/01 12:0 a.m.39 views

Scientific Linux Security Update : squirrelmail on SL5.x, SL4.x, SL3.x i386/x86_64

Several HTML filtering bugs were discovered in SquirrelMail. An attacker could inject arbitrary JavaScript leading to cross-site scripting attacks by sending an e-mail viewed by a user within SquirrelMail. CVE-2007-1262 Squirrelmail did not sufficiently check arguments to IMG tags in HTML e-mail...

5CVSS5.6AI score0.0253EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2008/09/04 12:0 a.m.21 views

FreeBSD Ports: squirrelmail

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

4.3CVSS6.6AI score0.0253EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2007/10/17 12:0 a.m.31 views

openSUSE 10 Security Update : squirrelmail (squirrelmail-3629)

This update of squirrelmail fixes two cross-site-scripting vulnerabilities that can be used by an attacker to read opened emails CVE-2007-1262 and to send email on behalf of the user CVE-2007-2589. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in thi...

5CVSS5.4AI score0.0253EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2007/08/02 12:0 a.m.83 views

Mac OS X Multiple Vulnerabilities (Security Update 2007-007)

The remote host is running a version of Mac OS X 10.4 or 10.3 which does not have the security update 2007-007 applied. This update contains several security fixes for the following programs : - bzip2 - CFNetwork - CoreAudio - cscope - gnuzip - iChat - Kerberos - mDNSResponder - PDFKit - PHP -...

10CVSS8AI score0.90768EPSS
Exploits55References45
Tenable Nessus
Tenable Nessus
added 2007/05/20 12:0 a.m.24 views

RHEL 3 / 4 / 5 : squirrelmail (RHSA-2007:0358)

A new squirrelmail package that fixes security issues is now available for Red Hat Enterprise Linux 3, 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. SquirrelMail is a standards-based webmail package written in PHP4. Several HTML...

5CVSS5.7AI score0.0253EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2007/05/20 12:0 a.m.32 views

CentOS 3 / 4 / 5 : squirrelmail (CESA-2007:0358)

A new squirrelmail package that fixes security issues is now available for Red Hat Enterprise Linux 3, 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. SquirrelMail is a standards-based webmail package written in PHP4. Several HTML...

5CVSS5.7AI score0.0253EPSS
Exploits1References9
RedHat Linux
RedHat Linux
added 2007/05/17 2:57 p.m.45 views

Moderate: Red Hat Security Advisory: squirrelmail security update

A new squirrelmail package that fixes security issues is now available for Red Hat Enterprise Linux 3, 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. SquirrelMail is a standards-based webmail package written in PHP4. Several HTML...

5CVSS5.6AI score0.0253EPSS
Exploits1References4
Oracle linux
Oracle linux
added 2007/05/17 12:0 a.m.35 views

Moderate: squirrelmail security update

1.4.8-4.0.1.el4.0.1 - remove banners 1.4.8-4.0.1 - resolves: 239650: CVE-2007-1262 squirrelmail cross-site scripting flaw...

5CVSS2.1AI score0.0253EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2007/05/11 4:20 a.m.26 views

CVE-2007-1262

Multiple cross-site scripting XSS vulnerabilities in the HTML filter in SquirrelMail 1.4.0 through 1.4.9a allow remote attackers to inject arbitrary web script or HTML via the 1 data: URI in an HTML e-mail attachment or 2 various non-ASCII character sets that are not properly filtered when viewed...

4.3CVSS5.9AI score0.0253EPSS
Exploits1References1
CVE
CVE
added 2007/05/11 3:55 a.m.83 views

CVE-2007-1262

CVE-2007-1262 affects SquirrelMail 1.4.0–1.4.9a with multiple HTML filter XSS weaknesses: injection via the data: URI in HTML email attachments injection via improper handling of non-ASCII characters when viewed in Internet Explorer.Exploitation could allow remote script execution within the user...

4.3CVSS5.4AI score0.0253EPSS
Exploits1References24Affected Software1
Cvelist
Cvelist
added 2007/05/11 3:55 a.m.19 views

CVE-2007-1262

Multiple cross-site scripting XSS vulnerabilities in the HTML filter in SquirrelMail 1.4.0 through 1.4.9a allow remote attackers to inject arbitrary web script or HTML via the 1 data: URI in an HTML e-mail attachment or 2 various non-ASCII character sets that are not properly filtered when viewed...

5.4AI score0.0253EPSS
Exploits1References24
Rows per page
Query Builder