|
SquirrelMail Email Header HTML Injection Vulnerability
Solution: The vendor has released an upgrade dealing with this issue. This issue has been fixed in the current stable version of Open WebMail. RedHat has released an advisory (FEDORA-2004-160) to address this and other issues in Fedora Core 2. Please see the referenced advisory for more information. RedHat has released an advisory (RHSA-2004:240-06) to address this and other issues in Red Hat Enterprise Linux. Please see the advisory in web references for more information. Gentoo has released a security advisory (GLSA 200406-08) to address this issue. Please see the referenced advisory for more information. Gentoo users may carry out the following commands to update their computers: emerge sync emerge -pv ">=mail-client/squirrelmail-1.4.3" emerge ">=mail-client/squirrelmail-1.4.3" SGI has released a security advisory (20040604-01-U) to address this and other issues in SGI ProPack 3. Please see the referenced advisory for more information. Debian has released security advisory DSA 535-1 with fixes to address this issue. Conectiva has released a security advisory (CLA-2004:858) to address multiple issues in squirrelmail. Please see the referenced advisory for more information. The Fedora Legacy project has released advisory FLSA:1733 along with fixes to address multiple issues in SquirrelMail for RedHat Linux 9. Please see the referenced advisory for further information. SquirrelMail SquirrelMail 1.2 .0
SquirrelMail SquirrelMail 1.2.1
SquirrelMail SquirrelMail 1.2.2
SquirrelMail SquirrelMail 1.2.3
SquirrelMail SquirrelMail 1.2.4
SquirrelMail SquirrelMail 1.2.5
SquirrelMail SquirrelMail 1.2.6
SquirrelMail SquirrelMail 1.4
SquirrelMail SquirrelMail 1.4.1
SquirrelMail SquirrelMail 1.4.2
SquirrelMail SquirrelMail 1.4.8
Open Webmail Open Webmail 2.30
Open Webmail Open Webmail 2.31
Open Webmail Open Webmail 2.32
SGI ProPack 3.0
|
|
|
Privacy Statement |
