Oval Definition:
oval:org.mitre.oval:def:8286
Revision Date
:
2015-02-23
Version
:
20
Title
:
DSA-1682 squirrelmail -- insufficient input sanitising
Description
:
Ivan Markovic discovered that SquirrelMail, a webmail application, did not sufficiently sanitise incoming HTML email, allowing an attacker to perform cross site scripting through sending a malicious HTML email.
Family
:
unix
Class
:
patch
Status
:
ACCEPTED
Reference(s)
:
CVE-2008-2379
DSA-1682
Platform(s)
:
Debian GNU/Linux 4.0
Product(s)
:
squirrelmail
Definition Synopsis
Debian GNU/Linux 4.0 is installed.
AND
Installed architecture is all
AND
squirrelmail is earlier than 2:1.4.9a-3
BACK