| Revision Date: | 2010-09-20 | Version: | 6 |
| Title: | SquirrelMail Cross-site Scripting Vulnerability II |
| Description: | Cross-site scripting (XSS) vulnerability in mime.php for SquirrelMail before 1.4.3 allows remote attackers to insert arbitrary HTML and script via the content-type mail header, as demonstrated using read_body.php. |
| Family: | unix | Class: | vulnerability |
| Status: | ACCEPTED | Reference(s): | CVE-2004-0520
|
| Platform(s): | Red Hat Enterprise Linux 3
| Product(s): | SquirrelMail
|
| Definition Synopsis |
| Software section Red Hat Enterprise 3 is installed
AND squirrelmail rpm version prior to 1.4.3-0.e3.1 is installed
AND php rpm is installed
AND Configuration section
httpd is listening on the network
AND /etc/httpd/modules/libphp4.so exists
|