Oval Definition:	oval:org.mitre.oval:def:1012
Revision Date: 2010-09-20 Version: 6 Title: SquirrelMail Cross-site Scripting Vulnerability II Description: Cross-site scripting (XSS) vulnerability in mime.php for SquirrelMail before 1.4.3 allows remote attackers to insert arbitrary HTML and script via the content-type mail header, as demonstrated using read_body.php. Family: unix Class: vulnerability Status: ACCEPTED Reference(s): CVE-2004-0520 Platform(s): Red Hat Enterprise Linux 3 Product(s): SquirrelMail Definition Synopsis Software section Red Hat Enterprise 3 is installed AND squirrelmail rpm version prior to 1.4.3-0.e3.1 is installed AND php rpm is installed AND Configuration section httpd is listening on the network AND /etc/httpd/modules/libphp4.so exists
BACK