SquirrelMail Multiple Cross Site Scripting Vulnerabilities
|
Bugtraq ID:
|
23910
|
|
Class:
|
Input Validation Error
|
|
CVE:
|
CVE-2007-1262
CVE-2007-2589
|
|
Remote:
|
Yes
|
|
Local:
|
No
|
|
Published:
|
May 09 2007 12:00AM
|
|
Updated:
|
Aug 02 2007 12:05AM
|
|
Credit:
|
Mikhail Markin, Tomas Kuliavas and Michael Jordon are credited with the discovery of these vulnerabilities.
|
|
Vulnerable:
|
SquirrelMail SquirrelMail 1.4.9 a
+
Debian Linux 4.0
SquirrelMail SquirrelMail 1.4.8
SquirrelMail SquirrelMail 1.4.7
SquirrelMail SquirrelMail 1.4.6 -rc1
SquirrelMail SquirrelMail 1.4.6 -cvs
SquirrelMail SquirrelMail 1.4.6
SquirrelMail SquirrelMail 1.4.5
+
MandrakeSoft Corporate Server 3.0 x86_64
+
MandrakeSoft Corporate Server 3.0
+
MandrakeSoft Corporate Server 3.0
+
MandrakeSoft Corporate Server 3.0
SquirrelMail SquirrelMail 1.4.4 RC1
SquirrelMail SquirrelMail 1.4.4
+
Debian Linux 3.1 sparc
+
Debian Linux 3.1 s/390
+
Debian Linux 3.1 s/390
+
Debian Linux 3.1 s/390
+
Debian Linux 3.1 ppc
+
Debian Linux 3.1 ppc
+
Debian Linux 3.1 ppc
+
Debian Linux 3.1 mipsel
+
Debian Linux 3.1 mipsel
+
Debian Linux 3.1 mipsel
+
Debian Linux 3.1 mips
+
Debian Linux 3.1 mips
+
Debian Linux 3.1 mips
+
Debian Linux 3.1 m68k
+
Debian Linux 3.1 m68k
+
Debian Linux 3.1 m68k
+
Debian Linux 3.1 ia-64
+
Debian Linux 3.1 ia-64
+
Debian Linux 3.1 ia-64
+
Debian Linux 3.1 ia-32
+
Debian Linux 3.1 ia-32
+
Debian Linux 3.1 ia-32
+
Debian Linux 3.1 hppa
+
Debian Linux 3.1 hppa
+
Debian Linux 3.1 hppa
+
Debian Linux 3.1 arm
+
Debian Linux 3.1 arm
+
Debian Linux 3.1 arm
+
Debian Linux 3.1 alpha
+
Debian Linux 3.1 alpha
+
Debian Linux 3.1 alpha
+
Debian Linux 3.1
+
Debian Linux 3.1
+
Debian Linux 3.1
+
Gentoo Linux
+
Gentoo Linux
+
Gentoo Linux
SquirrelMail SquirrelMail 1.4.3 RC1
SquirrelMail SquirrelMail 1.4.3 r3
+
Gentoo Linux
SquirrelMail SquirrelMail 1.4.3 a
+
Redhat Fedora Core3
+
Redhat Fedora Core3
+
Redhat Fedora Core3
+
Redhat Fedora Core2
+
Redhat Fedora Core2
SquirrelMail SquirrelMail 1.4.3
SquirrelMail SquirrelMail 1.4.2
+
MandrakeSoft Corporate Server 3.0 x86_64
+
MandrakeSoft Corporate Server 3.0
+
MandrakeSoft Corporate Server 3.0
+
MandrakeSoft Corporate Server 3.0
+
Redhat Fedora Core2
+
Redhat Fedora Core2
+
Redhat Fedora Core2
SquirrelMail SquirrelMail 1.4.1
SquirrelMail SquirrelMail 1.4 RC1
SquirrelMail SquirrelMail 1.4
SquirrelMail SquirelMail 1.4.10
SquirrelMail SquirelMail 1.4.10a
SGI ProPack 3.0 SP6
rPath rPath Linux 1
Redhat Enterprise Linux WS 4
Redhat Enterprise Linux WS 3
Redhat Enterprise Linux ES 4
Redhat Enterprise Linux ES 3
Redhat Enterprise Linux Desktop 5 client
Redhat Enterprise Linux AS 4
Redhat Enterprise Linux AS 3
Redhat Enterprise Linux 5 Server
Redhat Desktop 4.0
Redhat Desktop 3.0
MandrakeSoft Corporate Server 4.0 x86_64
MandrakeSoft Corporate Server 3.0 x86_64
MandrakeSoft Corporate Server 3.0
MandrakeSoft Corporate Server 4.0
Apple Mac OS X Server 10.4.10
Apple Mac OS X Server 10.4.9
Apple Mac OS X Server 10.4.8
Apple Mac OS X Server 10.4.7
Apple Mac OS X Server 10.4.6
Apple Mac OS X Server 10.4.5
Apple Mac OS X Server 10.4.4
Apple Mac OS X Server 10.4.3
Apple Mac OS X Server 10.4.2
Apple Mac OS X Server 10.4.1
Apple Mac OS X Server 10.4
Apple Mac OS X Server 10.3.9
Apple Mac OS X Server 10.3.8
Apple Mac OS X Server 10.3.7
Apple Mac OS X Server 10.3.6
Apple Mac OS X Server 10.3.5
Apple Mac OS X Server 10.3.4
Apple Mac OS X Server 10.3.3
Apple Mac OS X Server 10.3.2
Apple Mac OS X Server 10.3.1
Apple Mac OS X Server 10.3
Apple Mac OS X 10.4.10
Apple Mac OS X 10.4.9
Apple Mac OS X 10.4.8
Apple Mac OS X 10.4.7
Apple Mac OS X 10.4.6
Apple Mac OS X 10.4.5
Apple Mac OS X 10.4.4
Apple Mac OS X 10.4.3
Apple Mac OS X 10.4.2
Apple Mac OS X 10.4.1
Apple Mac OS X 10.4
Apple Mac OS X 10.3.9
Apple Mac OS X 10.3.8
Apple Mac OS X 10.3.7
Apple Mac OS X 10.3.6
Apple Mac OS X 10.3.5
Apple Mac OS X 10.3.4
Apple Mac OS X 10.3.3
Apple Mac OS X 10.3.2
Apple Mac OS X 10.3.1
Apple Mac OS X 10.3
|
|
|
|
Not Vulnerable:
|
|
|
