PT-2006-4864 · Squirrelmail+1 · Squirrelmail+1

Publicado

2006-08-11

Atualizado

2018-10-17

CVE-2006-4019

CVSS v2.0

6.4

Média

Vetor

AV:N/AC:L/Au:N/C:P/I:P/A:N

Name of the Vulnerable Software and Affected Versions SquirrelMail versions 1.4.0 through 1.4.7

Description The issue allows remote attackers to overwrite arbitrary program variables and read or write the attachments and preferences of other users due to a dynamic variable evaluation vulnerability in compose.php.

Recommendations For SquirrelMail versions 1.4.0 through 1.4.7, update to a version that contains a fix for this issue to prevent exploitation.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2006-4019

DSA-1154

RHSA-2006:0668

RHSA-2006_0668

Produtos afetados

Red Hat

Squirrelmail

PT-2006-4864 · Squirrelmail+1 · Squirrelmail+1

CVE-2006-4019

Identificadores relacionados

Produtos afetados

Referências · 34