Lucene search
K

10 matches found

Tenable Nessus
Tenable Nessus
added 2012/08/01 12:0 a.m.39 views

Scientific Linux Security Update : squirrelmail on SL5.x, SL4.x, SL3.x i386/x86_64

Several HTML filtering bugs were discovered in SquirrelMail. An attacker could inject arbitrary JavaScript leading to cross-site scripting attacks by sending an e-mail viewed by a user within SquirrelMail. CVE-2007-1262 Squirrelmail did not sufficiently check arguments to IMG tags in HTML e-mail...

5CVSS5.6AI score0.0253EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2007/10/17 12:0 a.m.31 views

openSUSE 10 Security Update : squirrelmail (squirrelmail-3629)

This update of squirrelmail fixes two cross-site-scripting vulnerabilities that can be used by an attacker to read opened emails CVE-2007-1262 and to send email on behalf of the user CVE-2007-2589. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in thi...

5CVSS5.4AI score0.0253EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2007/08/02 12:0 a.m.83 views

Mac OS X Multiple Vulnerabilities (Security Update 2007-007)

The remote host is running a version of Mac OS X 10.4 or 10.3 which does not have the security update 2007-007 applied. This update contains several security fixes for the following programs : - bzip2 - CFNetwork - CoreAudio - cscope - gnuzip - iChat - Kerberos - mDNSResponder - PDFKit - PHP -...

10CVSS8AI score0.90768EPSS
Exploits55References45
Tenable Nessus
Tenable Nessus
added 2007/05/20 12:0 a.m.24 views

RHEL 3 / 4 / 5 : squirrelmail (RHSA-2007:0358)

A new squirrelmail package that fixes security issues is now available for Red Hat Enterprise Linux 3, 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. SquirrelMail is a standards-based webmail package written in PHP4. Several HTML...

5CVSS5.7AI score0.0253EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2007/05/20 12:0 a.m.32 views

CentOS 3 / 4 / 5 : squirrelmail (CESA-2007:0358)

A new squirrelmail package that fixes security issues is now available for Red Hat Enterprise Linux 3, 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. SquirrelMail is a standards-based webmail package written in PHP4. Several HTML...

5CVSS5.7AI score0.0253EPSS
Exploits1References9
RedHat Linux
RedHat Linux
added 2007/05/17 2:57 p.m.42 views

Moderate: Red Hat Security Advisory: squirrelmail security update

A new squirrelmail package that fixes security issues is now available for Red Hat Enterprise Linux 3, 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. SquirrelMail is a standards-based webmail package written in PHP4. Several HTML...

5CVSS5.6AI score0.0253EPSS
Exploits1References4
UbuntuCve
UbuntuCve
added 2007/05/11 4:20 a.m.22 views

CVE-2007-2589

Cross-site request forgery CSRF vulnerability in compose.php in SquirrelMail 1.4.0 through 1.4.9a allows remote attackers to send e-mails from arbitrary users via certain data in the SRC attribute of an IMG element...

5CVSS6.1AI score0.01374EPSS
Exploits1References1
NVD
NVD
added 2007/05/11 4:20 a.m.16 views

CVE-2007-2589

Cross-site request forgery CSRF vulnerability in compose.php in SquirrelMail 1.4.0 through 1.4.9a allows remote attackers to send e-mails from arbitrary users via certain data in the SRC attribute of an IMG element...

5CVSS6.7AI score0.01374EPSS
Exploits1References16
CVE
CVE
added 2007/05/11 3:55 a.m.66 views

CVE-2007-2589

CVE-2007-2589 : A CSRF vulnerability in SquirrelMail 1.4.0–1.4.9a (compose.php) lets an attacker induce actions (sending mail) from an arbitrary user via data in an IMG SRC attribute. This is described across multiple advisories (RHSA-2007:0358, CentOS/RHSA backport, openSUSE/SUSE ESP). The CVSS ...

5CVSS6.6AI score0.01374EPSS
Exploits1References16Affected Software1
Cvelist
Cvelist
added 2007/05/11 3:55 a.m.30 views

CVE-2007-2589

Cross-site request forgery CSRF vulnerability in compose.php in SquirrelMail 1.4.0 through 1.4.9a allows remote attackers to send e-mails from arbitrary users via certain data in the SRC attribute of an IMG element...

6.6AI score0.01374EPSS
Exploits1References16
Rows per page
Query Builder