SquirrelMail Malformed HTML Mail Message HTML Injection Vulnerability

Bugtraq ID: 32603
Class: Input Validation Error
CVE: CVE-2008-2379
Remote: Yes
Local: No
Published: Dec 03 2008 12:00AM
Updated: Apr 13 2015 09:19PM
Credit: Ivan Markovic
Vulnerable: SuSE openSUSE 10.3
SquirrelMail SquirrelMail 1.4.16
RedHat Enterprise Linux WS 4
RedHat Enterprise Linux WS 3
RedHat Enterprise Linux ES 4
RedHat Enterprise Linux ES 3
RedHat Enterprise Linux Desktop Workstation 5 client
RedHat Enterprise Linux Desktop version 4
RedHat Desktop 3.0
Red Hat Enterprise Linux AS 4
Red Hat Enterprise Linux AS 3
Red Hat Enterprise Linux 5 Server
Debian Linux 4.0 sparc
Debian Linux 4.0 s/390
Debian Linux 4.0 powerpc
Debian Linux 4.0 mipsel
Debian Linux 4.0 mips
Debian Linux 4.0 m68k
Debian Linux 4.0 ia-64
Debian Linux 4.0 ia-32
Debian Linux 4.0 hppa
Debian Linux 4.0 arm
Debian Linux 4.0 amd64
Debian Linux 4.0 alpha
Debian Linux 4.0
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus