|
|
CVE Reference: CVE-2006-3174 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2006-3174 |
|
|
Description: Cross-site scripting (XSS) vulnerability in search.php in SquirrelMail 1.5.1 and earlier, when register_globals is enabled, allows remote attackers to inject arbitrary HTML via the mailbox parameter. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/26941 SAID Secunia Advisory: SA26235 OSVDB 26610 MISC http://pridels.blogspot.com/2006/06/squirrelmail-151-xss-vuln.html MANDRIVA http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:147 CONFIRM http://docs.info.apple.com/article.html?artnum=306172 BID 18700 25159 APPLE http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html |
|
| Return to the previous page. |
