Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2005:099
HistoryFeb 15, 2005 - 12:00 a.m.

(RHSA-2005:099) squirrelmail security update

2005-02-1500:00:00
access.redhat.com
16

EPSS

0.021

Percentile

89.1%

JSON

SquirrelMail is a standards-based webmail package written in PHP4.

Jimmy Conner discovered a missing variable initialization in Squirrelmail.
This flaw could allow potential insecure file inclusions on servers where
the PHP setting “register_globals” is set to “On”. This is not a default or
recommended setting. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2005-0075 to this issue.

A URL sanitisation bug was found in Squirrelmail. This flaw could allow a
cross site scripting attack when loading the URL for the sidebar. The
Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned
the name CAN-2005-0103 to this issue.

A missing variable initialization bug was found in Squirrelmail. This flaw
could allow a cross site scripting attack. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CAN-2005-0104 to
this issue.

Users of Squirrelmail are advised to upgrade to this updated package,
which contains backported patches to correct these issues.

Related

gentoo 1
nessus 8
openvas 9
redhat 1
freebsd 1
securityvulns 1
ubuntucve 3
cve 3
cvelist 3
nvd 3
veracode 1
debian 4
osv 1
gentoo
gentoo
SquirrelMail: Multiple vulnerabilities
2005-01-28 00:00:00
nessus
nessus
GLSA-200501-39 : SquirrelMail: Multiple vulnerabilities
2005-02-14 00:00:00
RHEL 4 : squirrelmail (RHSA-2005:099)
2005-02-22 00:00:00
SquirrelMail < 1.4.4 Multiple Vulnerabilities
2005-01-24 00:00:00
openvas
openvas
SquirrelMail < 1.4.4 XSS Vulnerabilities
2005-11-03 00:00:00
Gentoo Security Advisory GLSA 200501-39 (SquirrelMail)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200501-39 (SquirrelMail)
2008-09-24 00:00:00
redhat
redhat
(RHSA-2005:135) squirrelmail security update
2005-02-10 00:00:00
freebsd
freebsd
squirrelmail -- XSS and remote code injection vulnerabilities
2005-01-29 00:00:00
securityvulns
securityvulns
SquirrelMail Security Advisory
2005-01-30 00:00:00
ubuntucve
ubuntucve
CVE-2005-0104
2005-01-29 00:00:00
CVE-2005-0103
2005-01-24 00:00:00
CVE-2005-0075
2005-01-29 00:00:00
cve
cve
CVE-2005-0103
2005-02-06 05:00:00
CVE-2005-0104
2005-02-06 05:00:00
CVE-2005-0075
2005-02-06 05:00:00
cvelist
cvelist
CVE-2005-0103
2005-02-06 05:00:00
CVE-2005-0104
2005-02-06 05:00:00
CVE-2005-0075
2005-02-06 05:00:00
nvd
nvd
CVE-2005-0103
2005-01-24 05:00:00
CVE-2005-0104
2005-01-29 05:00:00
CVE-2005-0075
2005-01-29 05:00:00
veracode
veracode
Code Injection
2019-07-09 06:36:28
debian
debian
[SECURITY] [DSA 662-1] New squirrelmail package fixes several vulnerabilities
2005-02-01 14:44:23
[SECURITY] [DSA 662-2] New squirrelmail package fixes regression
2005-03-14 14:24:00
[SECURITY] [DSA 662-2] New squirrelmail package fixes regression
2005-03-14 14:24:00
osv
osv
squirrelmail - several
2005-03-14 00:00:00

EPSS

0.021

Percentile

89.1%

JSON
Related for RHSA-2005:099
gentoo1nessus8openvas9redhat1freebsd1securityvulns1ubuntucve3cve3cvelist3nvd3veracode1debian4osv1