Download
| Alert*
oval:org.secpod.oval:def:102939
SquirrelMail is a basic webmail package written in PHP4. It includes built-in pure PHP support for the IMAP and SMTP protocols, and all pages render in pure HTML 4.0 for maximum compatibility across browsers. It has very few requirements and is very easy to configure and install. oval:org.secpod.oval:def:600607 Various vulnerabilities have been found in SquirrelMail, a webmail application. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities: CVE-2010-4554 SquirrelMail did not prevent page rendering inside a third-party HTML frame, which makes it easier for remote attac ... oval:org.secpod.oval:def:102751 SquirrelMail is a basic webmail package written in PHP4. It includes built-in pure PHP support for the IMAP and SMTP protocols, and all pages render in pure HTML 4.0 for maximum compatibility across browsers. It has very few requirements and is very easy to configure and install. oval:org.secpod.oval:def:3918 The host is installed with Apple Mac OS X 10.6.8 and is prone to a cross site scripting vulnerability. A flaw is present in the application, which fails to handle a crafted STYLE element in an e-mail message. Successful exploitation could allow attackers to inject arbitrary web script or HTML. oval:org.secpod.oval:def:202278 SquirrelMail is a standards-based webmail package written in PHP. A cross-site scripting flaw was found in the way SquirrelMail performed the sanitization of HTML style tag content. A remote attacker could use this flaw to send a specially-crafted Multipurpose Internet Mail Extensions message that ... oval:org.secpod.oval:def:500729 SquirrelMail is a standards-based webmail package written in PHP. A cross-site scripting flaw was found in the way SquirrelMail performed the sanitization of HTML style tag content. A remote attacker could use this flaw to send a specially-crafted Multipurpose Internet Mail Extensions message that ... oval:org.secpod.oval:def:202233 SquirrelMail is a standards-based webmail package written in PHP. A cross-site scripting flaw was found in the way SquirrelMail performed the sanitization of HTML style tag content. A remote attacker could use this flaw to send a specially-crafted Multipurpose Internet Mail Extensions message that ... oval:org.secpod.oval:def:3930 The host is missing a critical security update according to Apple advisory, APPLE-SA-2012-02-01-1. The update is required to fix multiple vulnerabilities. The flaws are present in the applications which fail to sanitize user supplied input. Successful exploitation could allow attackers to execute ar ... |