CVE-2005-2820

Related Files

Ubuntu Security Notice 201-1

Posted Oct 12, 2005

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice USN-201-1 - Several Cross Site Scripting vulnerabilities were discovered in SqWebmail. A remote attacker could exploit this to execute arbitrary JavaScript or other active HTML embeddable content in the web browser of an SqWebmail user by sending specially crafted emails to him.

tags | advisory, remote, web, arbitrary, javascript, vulnerability, xss

systems | linux, ubuntu

advisories | CVE-2005-2724, CVE-2005-2769, CVE-2005-2820

SHA-256 | 77f385a07aab0f26683455daa55f4dceae7dee8e270e80256706eace3763bca8

Download | Favorite | View

Debian Linux Security Advisory 820-1

Posted Sep 26, 2005

Authored by Debian | Site debian.org

Debian Security Advisory DSA 820-1 - Jakob Balle discovered that with Conditional Comments in Internet Explorer it is possible to hide javascript code in comments that will be executed when the browser views a malicious email via sqwebmail. Successful exploitation requires that the user is using Internet Explorer.

tags | advisory, javascript

systems | linux, debian

advisories | CVE-2005-2820

SHA-256 | d39e1b10d15a759ca8220ce2607902c1ac4d3eea7d83cd7421c8f083820eb551

Download | Favorite | View