Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-1131

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2002-1131
Last Modified 05 Sep 2008 04:29:52
Published 04 Oct 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-1131

Summary

Cross-site scripting vulnerabilities in SquirrelMail 1.2.7 and earlier allows remote attackers to execute script as other web users via (1) addressbook.php, (2) options.php, (3) search.php, or (4) help.php.

Vulnerable Systems

Application

  • Squirrelmail 1.2.7


References

BID - 5763

REDHAT - RHSA-2002:204

XF - squirrelmail-php-xss(10145)

DEBIAN - DSA-191

BUGTRAQ - 20020919 Squirrel Mail 1.2.7 XSS Exploit

CONFIRM - http://sourceforge.net/project/shownotes.php?group_id=311&release_id=110774


Last Updated: 27 May 2016 10:37:12