Lucene search
RedhatCVE-2007-6348HistoryDec 14, 2007 - 7:46 p.m.
CVE-2007-6348
2007-12-1419:46:00
CWE-94
redhat
web.nvd.nist.gov
39
4
squirrelmail
cve-2007-6348
php
remote file inclusion
sourceforge
vulnerability
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.3
Confidence
Low
EPSS
0.101
Percentile
94.9%
SquirrelMail 1.4.11 and 1.4.12, as distributed on sourceforge.net before 20071213, has been externally modified to create a Trojan Horse that introduces a PHP remote file inclusion vulnerability, which allows remote attackers to execute arbitrary code.
Affected configurations
Node
squirrelmailsquirrelmailMatch1.4.11
ORsquirrelmailsquirrelmailMatch1.4.12
| Vendor | Product | Version | CPE |
|---|---|---|---|
| squirrelmail | squirrelmail | 1.4.11 | cpe:/a:squirrelmail:squirrelmail:1.4.11::: |
| squirrelmail | squirrelmail | 1.4.12 | cpe:/a:squirrelmail:squirrelmail:1.4.12::: |
References
Social References
More
Related
cvelist
cvelist
CVE-2007-6348
2007-12-14 19:00:00
nvd
nvd
CVE-2007-6348
2007-12-14 19:46:00
ubuntucve
ubuntucve
CVE-2007-6348
2007-12-14 00:00:00
prion
prion
Remote file inclusion
2007-12-14 19:46:00
fedora
fedora
[SECURITY] Fedora 8 Update: squirrelmail-1.4.16-1.fc8
2008-10-24 23:48:16
[SECURITY] Fedora 8 Update: squirrelmail-1.4.17-1.fc8
2008-12-07 04:33:45
openvas
openvas
Fedora Update for squirrelmail FEDORA-2008-9071
2009-02-17 00:00:00
Fedora Update for squirrelmail FEDORA-2008-9071
2009-02-17 00:00:00
Fedora Update for squirrelmail FEDORA-2008-10918
2009-02-16 00:00:00
CVSS2
6.8
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
AI Score
7.3
Confidence
Low
EPSS
0.101
Percentile
94.9%
Related for CVE-2007-6348