CVE-2005-2095

2005-07-1300:00:00

ubuntu.com

0.006 Low

EPSS

Percentile

77.7%

JSON

options_identities.php in SquirrelMail 1.4.4 and earlier uses the extract
function to process the $_POST variable, which allows remote attackers to
modify or read the preferences of other users, conduct cross-site scripting
XSS) attacks, and write arbitrary files.

OSVersionArchitecturePackageVersionFilename
ubuntu6.06noarchsquirrelmail< 1.4.6-1ubuntu0.1UNKNOWN
ubuntu6.10noarchsquirrelmail< 1.4.8-1ubuntu0.1UNKNOWN
ubuntu7.04noarchsquirrelmail< 1.4.9a-1ubuntu0.1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	6.06	noarch	squirrelmail	< 1.4.6-1ubuntu0.1	UNKNOWN
ubuntu	6.10	noarch	squirrelmail	< 1.4.8-1ubuntu0.1	UNKNOWN
ubuntu	7.04	noarch	squirrelmail	< 1.4.9a-1ubuntu0.1	UNKNOWN