Oval Definition:	oval:org.opensuse.security:def:20066142
Revision Date: 2015-11-16 Version: 1 Title: CVE-2006-6142 Description: Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.0 through 1.4.9 allow remote attackers to inject arbitrary web script or HTML via the (1) mailto parameter in (a) webmail.php, the (2) session and (3) delete_draft parameters in (b) compose.php, and (4) unspecified vectors involving "a shortcoming in the magicHTML filter." Family: unix Class: vulnerability Status: Reference(s): CVE-2006-6142 Platform(s): openSUSE 10.2 SUSE LINUX 10.0 SUSE LINUX 10.1 SUSE LINUX 9.3 Product(s): Definition Synopsis Release Information suse100 is installed AND squirrelmail less than 1.4.5-5.9 OR suse101 is installed AND squirrelmail less than 1.4.5-18.4 OR suse93 is installed AND squirrelmail less than 1.4.2-64.15 OR Package Information suse100 is installed AND squirrelmail less than 1.4.5-5.12 OR suse101 is installed AND squirrelmail less than 1.4.5-18.7 OR suse93 is installed AND squirrelmail less than 1.4.2-64.17 OR Package Information suse100 is installed AND squirrelmail less than 1.4.5-5.9 OR suse101 is installed AND squirrelmail less than 1.4.5-18.4 OR suse93 is installed AND squirrelmail less than 1.4.2-64.15
BACK