|
|
SquirrelMail Email Header HTML Injection Vulnerability
|
Bugtraq ID:
|
10439
|
|
Class:
|
Input Validation Error
|
|
CVE:
|
CAN-2004-0520
|
|
Remote:
|
Yes
|
|
Local:
|
No
|
|
Published:
|
May 31 2004 12:00AM
|
|
Updated:
|
May 31 2004 12:00AM
|
|
Credit:
|
Disclosure of this issue is credited to Roman Medina <roman@rs-labs.com>.
|
|
Vulnerable:
|
SquirrelMail SquirrelMail 1.5 Development Version
SquirrelMail SquirrelMail 1.4.3 RC1
SquirrelMail SquirrelMail 1.4.2
+
MandrakeSoft Corporate Server 3.0 x86_64
+
MandrakeSoft Corporate Server 3.0
+
MandrakeSoft Corporate Server 3.0
+
MandrakeSoft Corporate Server 3.0
+
RedHat Fedora Core2
+
RedHat Fedora Core2
+
RedHat Fedora Core2
SquirrelMail SquirrelMail 1.4.1
SquirrelMail SquirrelMail 1.4
SquirrelMail SquirrelMail 1.2.11
SquirrelMail SquirrelMail 1.2.10
SquirrelMail SquirrelMail 1.2.9
SquirrelMail SquirrelMail 1.2.8
+
Terra Soft Solutions Yellow Dog Linux 3.0
SquirrelMail SquirrelMail 1.2.7
+
RedHat Linux 8.0
SquirrelMail SquirrelMail 1.2.6
+
Debian Linux 3.0 sparc
+
Debian Linux 3.0 s/390
+
Debian Linux 3.0 s/390
+
Debian Linux 3.0 ppc
+
Debian Linux 3.0 ppc
+
Debian Linux 3.0 mipsel
+
Debian Linux 3.0 mipsel
+
Debian Linux 3.0 mips
+
Debian Linux 3.0 mips
+
Debian Linux 3.0 m68k
+
Debian Linux 3.0 m68k
+
Debian Linux 3.0 ia-64
+
Debian Linux 3.0 ia-64
+
Debian Linux 3.0 ia-32
+
Debian Linux 3.0 ia-32
+
Debian Linux 3.0 hppa
+
Debian Linux 3.0 hppa
+
Debian Linux 3.0 arm
+
Debian Linux 3.0 arm
+
Debian Linux 3.0 alpha
+
Debian Linux 3.0 alpha
+
Debian Linux 3.0
+
Debian Linux 3.0
SquirrelMail SquirrelMail 1.2.5
SquirrelMail SquirrelMail 1.2.4
SquirrelMail SquirrelMail 1.2.3
SquirrelMail SquirrelMail 1.2.2
SquirrelMail SquirrelMail 1.2.1
SquirrelMail SquirrelMail 1.2 .0
SGI ProPack 3.0
RedHat Linux 9.0 i386
Open Webmail Open Webmail 2.32
Open Webmail Open Webmail 2.31
Open Webmail Open Webmail 2.30
|
|
|
|
Not Vulnerable:
|
SquirrelMail SquirrelMail 1.4.8
|
|
|
