Lucene search
+L

101 matches found

Debian
Debian
added 2004/07/23 4:20 a.m.47 views

[SECURITY] [DSA 533-1] New courier packages fix cross-site scripting vulnerability

-------------------------------------------------------------------------- Debian Security Advisory DSA 533-1 [email protected] http://www.debian.org/security/ Matt Zimmerman July 22nd, 2004 http://www.debian.org/security/faq -...

6.8CVSS5.5AI score0.04973EPSS
Exploits1
OSV
OSV
added 2004/07/22 12:0 a.m.15 views

DSA-533 courier - cross-site scripting

Bulletin has no description...

6.8CVSS6.1AI score0.04973EPSS
Exploits1
Debian CVE
Debian CVE
added 2004/06/24 4:0 a.m.39 views

CVE-2004-0591

Cross-site scripting XSS vulnerability in the printheaderuc function for SqWebMail 4.0.4 and earlier, and possibly 3.x, allows remote attackers to inject arbitrary web script or HRML via 1 e-mail headers or 2 a message with a "message/delivery-status" MIME Content-Type...

6.8CVSS5.7AI score0.04973EPSS
Exploits1
Cvelist
Cvelist
added 2004/06/24 4:0 a.m.24 views

CVE-2004-0591

Cross-site scripting XSS vulnerability in the printheaderuc function for SqWebMail 4.0.4 and earlier, and possibly 3.x, allows remote attackers to inject arbitrary web script or HRML via 1 e-mail headers or 2 a message with a "message/delivery-status" MIME Content-Type...

5.7AI score0.04973EPSS
Exploits1References6
CVE
CVE
added 2004/06/24 4:0 a.m.75 views

CVE-2004-0591

CVE-2004-0591 describes a cross-site scripting (XSS) vulnerability in SqWebMail’s print_header_uc function affecting SqWebMail 4.0.4 and earlier (possibly 3.x). An attacker can inject arbitrary script via (1) email headers or (2) a message with a “message/delivery-status” MIME type, executing in ...

6.8CVSS5.7AI score0.04973EPSS
Exploits1References6Affected Software1
securityvulns
securityvulns
added 2004/06/23 12:0 a.m.32 views

XSS vulnerability in Sqwebmail 4.0.4

Hello Bugtraq, Sqwebmail http://www.inter7.com/sqwebmail/ is a web cgi client for sending and receiving email using Maildir mailboxes. During a web application security evaluation on Sqwebmail 4.0.4.20040524 we have found a XSS Cross Site Scripting vulnerability inside the printheaderuc function...

0.6AI score
Exploits0
exploitpack
exploitpack
added 2004/06/21 12:0 a.m.22 views

SqWebMail 4.0.4.20040524 - Email Header HTML Injection

SqWebMail 4.0.4.20040524 - Email Header HTML Injection source: https://www.securityfocus.com/bid/10588/info SqWebMail is reported to be prone to an email header HTML injection vulnerability. This issue presents itself due to a failure of the application to properly sanitize user-supplied email...

Exploits0
NVD
NVD
added 2004/04/15 4:0 a.m.13 views

CVE-2004-0224

Multiple buffer overflows in 1 iso2022jp.c or 2 shiftjis.c for Courier-IMAP before 3.0.0, Courier before 0.45, and SqWebMail before 4.0.0 may allow remote attackers to execute arbitrary code "when Unicode character is out of BMP range."...

7.5CVSS7.7AI score0.03257EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2004/04/15 4:0 a.m.21 views

CVE-2004-0224

Multiple buffer overflows in 1 iso2022jp.c or 2 shiftjis.c for Courier-IMAP before 3.0.0, Courier before 0.45, and SqWebMail before 4.0.0 may allow remote attackers to execute arbitrary code "when Unicode character is out of BMP range."...

7.5CVSS6.5AI score0.03257EPSS
Exploits0References1
OSV
OSV
added 2004/04/15 4:0 a.m.8 views

CVE-2004-0224

Multiple buffer overflows in 1 iso2022jp.c or 2 shiftjis.c for Courier-IMAP before 3.0.0, Courier before 0.45, and SqWebMail before 4.0.0 may allow remote attackers to execute arbitrary code "when Unicode character is out of BMP range."...

7.6AI score
Exploits0References6
Debian CVE
Debian CVE
added 2004/03/16 5:0 a.m.44 views

CVE-2004-0224

Multiple buffer overflows in 1 iso2022jp.c or 2 shiftjis.c for Courier-IMAP before 3.0.0, Courier before 0.45, and SqWebMail before 4.0.0 may allow remote attackers to execute arbitrary code "when Unicode character is out of BMP range."...

7.5CVSS7.6AI score0.03257EPSS
Exploits0
Cvelist
Cvelist
added 2004/03/16 5:0 a.m.29 views

CVE-2004-0224

Multiple buffer overflows in 1 iso2022jp.c or 2 shiftjis.c for Courier-IMAP before 3.0.0, Courier before 0.45, and SqWebMail before 4.0.0 may allow remote attackers to execute arbitrary code "when Unicode character is out of BMP range."...

7.5AI score0.03257EPSS
Exploits0References4
CVE
CVE
added 2004/03/16 5:0 a.m.66 views

CVE-2004-0224

CVE-2004-0224 affects Courier-IMAP before 3.0.0, Courier before 0.45, and SqWebMail before 4.0.0. The issue is multiple buffer overflows in the Unicode converters (iso2022jp.c and shiftjis.c) that occur when a character is outside the BMP range, enabling remote code execution as described in the ...

7.5CVSS7.5AI score0.03257EPSS
Exploits0References4Affected Software3
securityvulns
securityvulns
added 2003/11/18 12:0 a.m.29 views

sqwebmail unauthorized access

Session hijacking via Referer is possible...

4AI score
Exploits0References1
securityvulns
securityvulns
added 2003/11/18 12:0 a.m.41 views

PCL-0002: Session Hijacking in "Sqwebmail"

--------------------------- PUCCIOLAB.ORG - ADVISORIES http://www.pucciolab.org --------------------------- PCL-0002: Session Hijacking in "Sqwebmail" --------------------------------------------------------------------------- PuCCiOLAB.ORG Security Advisories [email protected]...

0.9AI score
Exploits0
NVD
NVD
added 2002/11/29 5:0 a.m.16 views

CVE-2002-1311

Courier sqwebmail before 0.40.0 does not quickly drop privileges after startup in certain cases, which could allow local users to read arbitrary files...

4.6CVSS6.2AI score0.0034EPSS
Exploits0References4
OSV
OSV
added 2002/11/29 5:0 a.m.4 views

DEBIAN-CVE-2002-1311

Courier sqwebmail before 0.40.0 does not quickly drop privileges after startup in certain cases, which could allow local users to read arbitrary files...

4.6CVSS6.5AI score0.0034EPSS
Exploits0References1
OSV
OSV
added 2002/11/29 5:0 a.m.9 views

CVE-2002-1311

Courier sqwebmail before 0.40.0 does not quickly drop privileges after startup in certain cases, which could allow local users to read arbitrary files...

6.2AI score
Exploits0References5
Debian
Debian
added 2002/11/15 3:36 p.m.8 views

[SECURITY] [DSA 197-1] New sqwebmail packages fix local information exposure

-------------------------------------------------------------------------- Debian Security Advisory DSA 197-1 [email protected] http://www.debian.org/security/ Martin Schulze November 15th, 2002 http://www.debian.org/security/faq -...

0.3AI score
Exploits0
Debian
Debian
added 2002/11/15 3:36 p.m.26 views

[SECURITY] [DSA 197-1] New sqwebmail packages fix local information exposure

-------------------------------------------------------------------------- Debian Security Advisory DSA 197-1 [email protected] http://www.debian.org/security/ Martin Schulze November 15th, 2002 http://www.debian.org/security/faq -...

7.2AI score
Exploits0
Rows per page
Query Builder