Showing 1 - 4 of 4

CVE-2010-4554

Status Candidate

Overview

functions/page_header.php in SquirrelMail 1.4.21 and earlier does not prevent page rendering inside a frame in a third-party HTML document, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site.

Related Files

Red Hat Security Advisory 2012-0103-01: Posted Feb 8, 2012; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2012-0103-01 - SquirrelMail is a standards-based webmail package written in PHP. A cross-site scripting flaw was found in the way SquirrelMail performed the sanitization of HTML style tag content. A remote attacker could use this flaw to send a specially-crafted Multipurpose Internet Mail Extensions message that, when opened by a victim, would lead to arbitrary web script execution in the context of their SquirrelMail session. Multiple cross-site scripting flaws were found in SquirrelMail. A remote attacker could possibly use these flaws to execute arbitrary web script in the context of a victim's SquirrelMail session.; tags | advisory, remote, web, arbitrary, php, xss; systems | linux, redhat; advisories | CVE-2010-1637, CVE-2010-2813, CVE-2010-4554, CVE-2010-4555, CVE-2011-2023, CVE-2011-2752, CVE-2011-2753; MD5 | 9446f18bb80aba02d2ea7a955548017a; Download | Favorite | Comments (0)

Apple Security Advisory 2012-02-01-1: Posted Feb 3, 2012; Authored by Apple | Site apple.com; Apple Security Advisory 2012-02-01-1 - Apple has addressed 48 security vulnerabilities. These issues existed in packages such as Address Book, Apache, CFNetwork, ColorSync, CoreAudio, CoreMedia, CoreText, curl and much more.; tags | advisory, vulnerability; systems | apple; advisories | CVE-2010-1637, CVE-2010-2813, CVE-2010-4554, CVE-2010-4555, CVE-2011-0200, CVE-2011-0241, CVE-2011-1148, CVE-2011-1167, CVE-2011-1657, CVE-2011-1752, CVE-2011-1783, CVE-2011-1921, CVE-2011-1938, CVE-2011-2023, CVE-2011-2192, CVE-2011-2202, CVE-2011-2204, CVE-2011-2483, CVE-2011-2895, CVE-2011-2937, CVE-2011-3182, CVE-2011-3189, CVE-2011-3246, CVE-2011-3248, CVE-2011-3249, CVE-2011-3250, CVE-2011-3252, CVE-2011-3256; MD5 | 8fe868bea54053b8adeccaecf10eb251; Download | Favorite | Comments (0)

Mandriva Linux Security Advisory 2011-123: Posted Aug 15, 2011; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory 2011-123 - Multiple vulnerabilities has been discovered and corrected in squirrelmail. These range from clickjacking to cross site scripting issues. The updated packages have been upgraded to the 1.4.22 version which is not vulnerable to these issues.; tags | advisory, vulnerability, xss; systems | linux, mandriva; advisories | CVE-2010-4554, CVE-2010-4555, CVE-2011-2023, CVE-2011-2752, CVE-2011-2753; MD5 | f90cfa6b611cf49ef8d9f0b166b8fb57; Download | Favorite | Comments (0)

Debian Security Advisory 2291-1: Posted Aug 9, 2011; Authored by Debian | Site debian.org; Debian Linux Security Advisory 2291-1 - Various vulnerabilities have been found in SquirrelMail, a webmail application.; tags | advisory, vulnerability; systems | linux, debian; advisories | CVE-2010-4554, CVE-2010-4555, CVE-2011-2023, CVE-2011-2752, CVE-2011-2753; MD5 | 38f07346e3e190147cb8f6a58cbc1762; Download | Favorite | Comments (0)

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 180 files
Gentoo 72 files
Ubuntu 27 files
Apple 9 files
thelastvvv 6 files
nu11secur1ty 5 files
Eldar Marcussen 5 files
Hodorsec 4 files
Felipe Winsnes 4 files
redtimmysec 4 files

File Archives

Systems

AIX (417)
Apple (1,712)
BSD (366)
Cisco (1,885)
Debian (5,944)
Fedora (1,688)
FreeBSD (1,239)
Gentoo (3,805)
HPUX (871)
iOS (245)
iPhone (107)
IRIX (220)
Juniper (67)
Linux (37,229)
Mac OS X (664)
Mandriva (3,105)
NetBSD (255)
OpenBSD (470)
RedHat (8,309)
Slackware (941)
Solaris (1,588)
SUSE (1,444)
Ubuntu (6,600)
UNIX (8,620)
UnixWare (178)
Windows (5,610)
Other

CVE-2010-4554

Overview

Related Files

File Archive:

April 2020

Top Authors In Last 30 Days

File Tags

File Archives

Systems