MitreCVELIST:CVE-2006-4019CVE-2006-4019
Dynamic variable evaluation vulnerability in compose.php in SquirrelMail 1.4.0 to 1.4.7 allows remote attackers to overwrite arbitrary program variables and read or write the attachments and preferences of other users.
References
ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc
attrition.org/pipermail/vim/2006-August/000970.html
docs.info.apple.com/article.html?artnum=306172
lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
marc.info/?l=full-disclosure&m=115532449024178&w=2
secunia.com/advisories/21354
secunia.com/advisories/21444
secunia.com/advisories/21586
secunia.com/advisories/22080
secunia.com/advisories/22104
secunia.com/advisories/22487
secunia.com/advisories/26235
securitytracker.com/id?1016689
www.debian.org/security/2006/dsa-1154
www.mandriva.com/security/advisories?name=MDKSA-2006:147
www.novell.com/linux/security/advisories/2006_23_sr.html
www.osvdb.org/27917
www.redhat.com/support/errata/RHSA-2006-0668.html
www.securityfocus.com/archive/1/442980/100/0/threaded
www.securityfocus.com/archive/1/442993/100/0/threaded
www.securityfocus.com/bid/19486
www.securityfocus.com/bid/25159
www.squirrelmail.org/patches/sqm1.4.7-expired-post-fix-full.patch
www.squirrelmail.org/security/issue/2006-08-11
www.vupen.com/english/advisories/2006/3271
www.vupen.com/english/advisories/2007/2732
exchange.xforce.ibmcloud.com/vulnerabilities/28365
issues.rpath.com/browse/RPL-577
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11533
Related
