logo
DATABASE RESOURCES PRICING ABOUT US

Authorization Bypass

Description

squirrelmail is vulnerable to authorization bypass. THe vulnerability exists as SquirrelMail was allowed to be loaded into an HTML sub-frame, allowing a remote attacker to perform a clickjacking attack against logged in users and possibly gain access to sensitive user data.


Affected Software


CPE Name Name Version
squirrelmail 1.4.8__5.el4_8.8
squirrelmail 1.4.8__4.el5
squirrelmail 1.4.6__7.el4
squirrelmail 1.4.8__4.el4
squirrelmail 1.4.8__5.el4_7.3
squirrelmail 1.4.8__5.el4_7.2
squirrelmail 1.4.8__2.el4
squirrelmail 1.4.8__5.el4_8.5
squirrelmail 1.4.6__5.el4
squirrelmail 1.4.8__4.0.1.el4
squirrelmail 1.4.8__4.0.1.el5
squirrelmail 1.4.8__5.el4_8.8
squirrelmail 1.4.8__4.el5
squirrelmail 1.4.6__7.el4
squirrelmail 1.4.8__4.el4
squirrelmail 1.4.8__5.el4_7.3
squirrelmail 1.4.8__5.el4_7.2
squirrelmail 1.4.8__2.el4
squirrelmail 1.4.8__5.el4_8.5
squirrelmail 1.4.6__5.el4
squirrelmail 1.4.8__4.0.1.el4
squirrelmail 1.4.8__4.0.1.el5

Related