Showing 1 - 4 of 4

CVE-2010-4554

Status Candidate

Overview

functions/page_header.php in SquirrelMail 1.4.21 and earlier does not prevent page rendering inside a frame in a third-party HTML document, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site.

Related Files

Red Hat Security Advisory 2012-0103-01: Posted Feb 8, 2012; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2012-0103-01 - SquirrelMail is a standards-based webmail package written in PHP. A cross-site scripting flaw was found in the way SquirrelMail performed the sanitization of HTML style tag content. A remote attacker could use this flaw to send a specially-crafted Multipurpose Internet Mail Extensions message that, when opened by a victim, would lead to arbitrary web script execution in the context of their SquirrelMail session. Multiple cross-site scripting flaws were found in SquirrelMail. A remote attacker could possibly use these flaws to execute arbitrary web script in the context of a victim's SquirrelMail session.; tags | advisory, remote, web, arbitrary, php, xss; systems | linux, redhat; advisories | CVE-2010-1637, CVE-2010-2813, CVE-2010-4554, CVE-2010-4555, CVE-2011-2023, CVE-2011-2752, CVE-2011-2753; MD5 | 9446f18bb80aba02d2ea7a955548017a; Download | Favorite | View

Apple Security Advisory 2012-02-01-1: Posted Feb 3, 2012; Authored by Apple | Site apple.com; Apple Security Advisory 2012-02-01-1 - Apple has addressed 48 security vulnerabilities. These issues existed in packages such as Address Book, Apache, CFNetwork, ColorSync, CoreAudio, CoreMedia, CoreText, curl and much more.; tags | advisory, vulnerability; systems | apple; advisories | CVE-2010-1637, CVE-2010-2813, CVE-2010-4554, CVE-2010-4555, CVE-2011-0200, CVE-2011-0241, CVE-2011-1148, CVE-2011-1167, CVE-2011-1657, CVE-2011-1752, CVE-2011-1783, CVE-2011-1921, CVE-2011-1938, CVE-2011-2023, CVE-2011-2192, CVE-2011-2202, CVE-2011-2204, CVE-2011-2483, CVE-2011-2895, CVE-2011-2937, CVE-2011-3182, CVE-2011-3189, CVE-2011-3246, CVE-2011-3248, CVE-2011-3249, CVE-2011-3250, CVE-2011-3252, CVE-2011-3256; MD5 | 8fe868bea54053b8adeccaecf10eb251; Download | Favorite | View

Mandriva Linux Security Advisory 2011-123: Posted Aug 15, 2011; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory 2011-123 - Multiple vulnerabilities has been discovered and corrected in squirrelmail. These range from clickjacking to cross site scripting issues. The updated packages have been upgraded to the 1.4.22 version which is not vulnerable to these issues.; tags | advisory, vulnerability, xss; systems | linux, mandriva; advisories | CVE-2010-4554, CVE-2010-4555, CVE-2011-2023, CVE-2011-2752, CVE-2011-2753; MD5 | f90cfa6b611cf49ef8d9f0b166b8fb57; Download | Favorite | View

Debian Security Advisory 2291-1: Posted Aug 9, 2011; Authored by Debian | Site debian.org; Debian Linux Security Advisory 2291-1 - Various vulnerabilities have been found in SquirrelMail, a webmail application.; tags | advisory, vulnerability; systems | linux, debian; advisories | CVE-2010-4554, CVE-2010-4555, CVE-2011-2023, CVE-2011-2752, CVE-2011-2753; MD5 | 38f07346e3e190147cb8f6a58cbc1762; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 76 files
Ubuntu 73 files
Gentoo 18 files
Adaptive Security Consulting 13 files
Apple 6 files
Google Security Research 5 files
Rahul Ramkumar 4 files
Pietro Oliva 4 files
LiquidWorm 3 files
s1l3nt78 3 files

File Archives

Systems

AIX (418)
Apple (1,741)
BSD (368)
Cisco (1,896)
Debian (5,945)
Fedora (1,688)
FreeBSD (1,241)
Gentoo (3,944)
HPUX (872)
iOS (273)
iPhone (108)
IRIX (220)
Juniper (67)
Linux (38,409)
Mac OS X (668)
Mandriva (3,105)
NetBSD (255)
OpenBSD (472)
RedHat (9,028)
Slackware (941)
Solaris (1,593)
SUSE (1,444)
Ubuntu (6,877)
UNIX (8,735)
UnixWare (179)
Windows (5,669)
Other

CVE-2010-4554

Overview

Related Files

File Archive:

September 2020

Top Authors In Last 30 Days

File Tags

File Archives

Systems