Debian Linux Security Advisory 4168-1 - Florian Grunow und Birk Kauer of ERNW discovered a path traversal vulnerability in SquirrelMail, a webmail application, allowing an authenticated remote attacker to retrieve or delete arbitrary files via mail attachment.
d0014f08f3c5957e61470ac98bd0379cc1713736f30c868502c64cb8fbcc5952