• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

SquirrelMail Variable Handling Vulnerability

SquirrelMail is affected by an insecure variable handling vulnerability.

It was reported that an attacker can exploit this vulnerability to disclose and manipulate users' preferences, write arbitrary files in the context of 'www-data', carry out cross-site scripting and various other attacks.

Due to a lack of information, further details cannot be described at the moment. This BID will be update when more information becomes available.