Oval Definition:	oval:org.mitre.oval:def:21288
Revision Date: 2014-02-24 Version: 100 Title: RHSA-2012:0103: squirrelmail security update (Moderate) Description: Multiple cross-site request forgery (CSRF) vulnerabilities in SquirrelMail 1.4.21 and earlier allow remote attackers to hijack the authentication of unspecified victims via vectors involving (1) the empty trash implementation and (2) the Index Order (aka options_order) page, a different issue than CVE-2010-4555. Family: unix Class: patch Status: ACCEPTED Reference(s): CESA-2012:0103 CVE-2010-1637 CVE-2010-2813 CVE-2010-4554 CVE-2010-4555 CVE-2011-2023 CVE-2011-2752 CVE-2011-2753 RHSA-2012:0103-01 Platform(s): CentOS Linux 5 Red Hat Enterprise Linux 5 Product(s): squirrelmail Definition Synopsis Redhat 5 section The operating system installed on the system is Red Hat Enterprise Linux 5 AND squirrelmail is earlier than 0:1.4.8-5.el5_7.13 OR Centos 5 section The operating system installed on the system is CentOS Linux 5.x AND squirrelmail is earlier than 0:1.4.8-5.el5.centos.13
BACK