AlphaOne Technology Support Forums
Welcome, Guest. Please login or register.
December 02, 2008, 12:28:20 PM

Login with username, password and session length
Search:     Advanced search
1733 Posts in 827 Topics by 4756 Members
Latest Member: Uobeley
* Home Help Search Login Register
AlphaOne Technology Support Forums  |  Virtuozzo & Dedicated Servers  |  Security Alerts  |  Topic: SquirrelMail Multiple Cross Site Scripting Vulnerabilities 0 Members and 1 Guest are viewing this topic. « previous next »
Pages: [1] Go Down Print
Author Topic: SquirrelMail Multiple Cross Site Scripting Vulnerabilities  (Read 714 times)
Brad
SysAdmin
Tech Team
Hero Member
********
Offline Offline

Posts: 391



View Profile
SquirrelMail Multiple Cross Site Scripting Vulnerabilities
« on: June 16, 2005, 10:55:54 PM »
  * Technical Description *

Multiple vulnerabilities were identified in SquirrelMail, which may be exploited by malicious users to conduct cross site scripting attacks. These flaws are due to input validation errors when handling specially crafted parameters, which could be exploited to cause arbitrary scripting code to be executed by the user's browser via either URL manipulation or by sending a specially crafted email to a victim.

 * Affected Products *

SquirrelMail versions 1.4.0 through 1.4.4

 * Solution *

Apply the patch :
http://prdownloads.sourceforge.net/squirrelmail/sqm-144-xss.patch?download

 * References *

http://www.frsirt.com/english/advisories/2005/0800
http://www.squirrelmail.org/security/issue/2005-06-15
Logged
Mambo Hosting Resources
Pages: [1] Go Up Print 
AlphaOne Technology Support Forums  |  Virtuozzo & Dedicated Servers  |  Security Alerts  |  Topic: SquirrelMail Multiple Cross Site Scripting Vulnerabilities « previous next »
Jump to:  

Powered by MySQL Powered by PHP AlphaOne Technology Support Forums | Powered by SMF 1.0.7.
© 2001-2005, Lewis Media. All Rights Reserved. 		Valid XHTML 1.0! Valid CSS!