Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2004-1036
HistoryMar 01, 2005 - 5:00 a.m.

CVE-2004-1036

2005-03-0105:00:00
mitre
web.nvd.nist.gov
103
cve-2004-1036
cross-site scripting
xss
squirrelmail
mime.php
remote code execution
nvd

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

5.9

Confidence

High

EPSS

0.027

Percentile

90.5%

JSON

Cross-site scripting (XSS) vulnerability in the decoding of encoded text in certain headers in mime.php for SquirrelMail 1.4.3a and earlier, and 1.5.1-cvs before 23rd October 2004, allows remote attackers to execute arbitrary web script or HTML.

Affected configurations

Nvd
Node
squirrelmailsquirrelmailMatch1.0.4
OR
squirrelmailsquirrelmailMatch1.0.5
OR
squirrelmailsquirrelmailMatch1.2
OR
squirrelmailsquirrelmailMatch1.2.1
OR
squirrelmailsquirrelmailMatch1.2.2
OR
squirrelmailsquirrelmailMatch1.2.3
OR
squirrelmailsquirrelmailMatch1.2.4
OR
squirrelmailsquirrelmailMatch1.2.5
OR
squirrelmailsquirrelmailMatch1.2.6
OR
squirrelmailsquirrelmailMatch1.2.7
OR
squirrelmailsquirrelmailMatch1.2.8
OR
squirrelmailsquirrelmailMatch1.2.9
OR
squirrelmailsquirrelmailMatch1.2.10
OR
squirrelmailsquirrelmailMatch1.2.11
OR
squirrelmailsquirrelmailMatch1.4
OR
squirrelmailsquirrelmailMatch1.4.1
OR
squirrelmailsquirrelmailMatch1.4.2
OR
squirrelmailsquirrelmailMatch1.4.3
OR
squirrelmailsquirrelmailMatch1.4.3_rc1
OR
squirrelmailsquirrelmailMatch1.4.3a
OR
squirrelmailsquirrelmailMatch1.5_dev
Node
gentoolinux
VendorProductVersionCPE
squirrelmailsquirrelmail1.0.4cpe:2.3:a:squirrelmail:squirrelmail:1.0.4:*:*:*:*:*:*:*
squirrelmailsquirrelmail1.0.5cpe:2.3:a:squirrelmail:squirrelmail:1.0.5:*:*:*:*:*:*:*
squirrelmailsquirrelmail1.2cpe:2.3:a:squirrelmail:squirrelmail:1.2:*:*:*:*:*:*:*
squirrelmailsquirrelmail1.2.1cpe:2.3:a:squirrelmail:squirrelmail:1.2.1:*:*:*:*:*:*:*
squirrelmailsquirrelmail1.2.2cpe:2.3:a:squirrelmail:squirrelmail:1.2.2:*:*:*:*:*:*:*
squirrelmailsquirrelmail1.2.3cpe:2.3:a:squirrelmail:squirrelmail:1.2.3:*:*:*:*:*:*:*
squirrelmailsquirrelmail1.2.4cpe:2.3:a:squirrelmail:squirrelmail:1.2.4:*:*:*:*:*:*:*
squirrelmailsquirrelmail1.2.5cpe:2.3:a:squirrelmail:squirrelmail:1.2.5:*:*:*:*:*:*:*
squirrelmailsquirrelmail1.2.6cpe:2.3:a:squirrelmail:squirrelmail:1.2.6:*:*:*:*:*:*:*
squirrelmailsquirrelmail1.2.7cpe:2.3:a:squirrelmail:squirrelmail:1.2.7:*:*:*:*:*:*:*
Rows per page:
1-10 of 221

Related

openvas 6
gentoo 1
redhat 1
nessus 7
ubuntucve 1
cvelist 1
nvd 1
securityvulns 1
freebsd 1
openvas
openvas
FreeBSD Ports: ja-squirrelmail
2008-09-04 00:00:00
Gentoo Security Advisory GLSA 200411-25 (SquirrelMail)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200411-25 (SquirrelMail)
2008-09-24 00:00:00
gentoo
gentoo
SquirrelMail: Encoded text XSS vulnerability
2004-11-17 00:00:00
redhat
redhat
(RHSA-2004:654) squirrelmail security update
2004-12-23 00:00:00
nessus
nessus
RHEL 3 : squirrelmail (RHSA-2004:654)
2004-12-27 00:00:00
GLSA-200411-25 : SquirrelMail: Encoded text XSS vulnerability
2004-11-17 00:00:00
SquirrelMail decodeHeader Arbitrary HTML Injection
2004-11-13 00:00:00
ubuntucve
ubuntucve
CVE-2004-1036
2005-03-01 00:00:00
cvelist
cvelist
CVE-2004-1036
2004-11-16 05:00:00
nvd
nvd
CVE-2004-1036
2005-03-01 05:00:00
securityvulns
securityvulns
SquirrelMail Security Advisory
2005-01-30 00:00:00
freebsd
freebsd
squirrelmail -- XSS and remote code injection vulnerabilities
2005-01-29 00:00:00

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

5.9

Confidence

High

EPSS

0.027

Percentile

90.5%

JSON
Related for CVE-2004-1036
openvas6gentoo1redhat1nessus7ubuntucve1cvelist1nvd1securityvulns1freebsd1