Oval Definition:	oval:org.mitre.oval:tst:30956
Comment: squirrelmail is earlier than 0:1.4.3a-9.EL4 Type: rpminfo_test Namespace: linux Check_Existence: at_least_one_exists Check: at least one State Operator: AND References Object: oval:org.mitre.oval:obj:14331 State: oval:org.mitre.oval:ste:9508 Referencing Definitions Definition ID Class Title Last Modified oval:org.mitre.oval:def:9587 V prefs.php in SquirrelMail before 1.4.4, with register_globals enabled, allows remote attackers to inject local code into the SquirrelMail code via custom preference handlers. 2013-04-29 oval:org.mitre.oval:def:10568 V Cross-site scripting (XSS) vulnerability in webmail.php in SquirrelMail before 1.4.4 allows remote attackers to inject arbitrary web script or HTML via certain integer variables. 2013-04-29 oval:org.mitre.oval:def:10670 V PHP remote file inclusion vulnerability in webmail.php in SquirrelMail before 1.4.4 allows remote attackers to execute arbitrary PHP code by modifying a URL parameter to reference a URL on a remote web server that contains the code. 2013-04-29
BACK