Secunia Logo  
 Vulnerability InformationVulnerability ScanningCommunityBlog - new entry!Corporate InformationOnline ShopCustomer Login  
 Secunia AdvisoriesSecunia ResearchBinary Analysis  
Home > Vulnerability Information > Secunia Advisories > CVE-2004-0639
Secunia Advisories
Advisories
Search
Advisories by Product
Advisories by Vendor
Historic Advisories
Mailing Lists
Report Vulnerability
Contact Form
Business Solutions Restricted
Partner Solutions Restricted
About


Secunia PSI WorldMap 		 
CVE Reference: CVE-2004-0639
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2004-0639

Description:
Multiple cross-site scripting (XSS) vulnerabilities in Squirrelmail 1.2.10 and earlier allow remote attackers to inject arbitrary HTML or script via (1) the $mailer variable in read_body.php, (2) the $senderNames_part variable in mailbox_display.php, and possibly other vectors including (3) the $event_title variable or (4) the $event_text variable.

CVE Status:
Candidate

References:

XF
  http://xforce.iss.net/xforce/xfdb/16285

MISC
  http://www.rs-labs.com/adv/RS-Labs-Advisory-2004-1.txt

DEBIAN
  http://www.debian.org/security/2004/dsa-535

CONFIRM
  http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=257973

CONECTIVA
  http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000858

BUGTRAQ
  http://marc.theaimsgroup.com/?l=bugtraq&m=108611554415078&w=2

BID
  10450


Return to the previous page.


Contact | Terms & Conditions and Copyright | Report Vulnerability | Press | Jobs (open positions) | About Secunia
Copyright Secunia 2002-2009