Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-2086

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2002-2086
Last Modified 05 Sep 2008 04:32:17
Published 31 Dec 2002 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2002-2086

Summary

Multiple cross-site scripting (XSS) vulnerabilities in magicHTML of SquirrelMail before 1.2.6 allow remote attackers to inject arbitrary web script or HTML via (1) "<

Vulnerable Systems

Application

  • Squirrelmail 1.2.0

  • Squirrelmail 1.2.1

  • Squirrelmail 1.2.2

  • Squirrelmail 1.2.3

  • Squirrelmail 1.2.4

  • Squirrelmail 1.2.5


References

XF - squirrelmail-html-attachment-xss(9009)

XF - squirrelmail-header-xss(9008)

BID - 4667

BID - 4666

CONFIRM - http://www.squirrelmail.org/changelog.php

CONFIRM - http://sourceforge.net/tracker/index.php?func=detail&aid=545933&group_id=311&atid=100311

CONFIRM - http://sourceforge.net/tracker/index.php?func=detail&aid=544658&group_id=311&atid=100311


Last Updated: 27 May 2016 10:37:36