CVE-2006-4019
N/A
N/A
Summary
Dynamic variable evaluation vulnerability in compose.php in SquirrelMail 1.4.0 to 1.4.7 allows remote attackers to overwrite arbitrary program variables and read or write the attachments and preferences of other users.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://secunia.com/advisories/21586
- https://issues.rpath.com/browse/RPL-577
- http://www.vupen.com/english/advisories/2007/2732
- http://www.debian.org/security/2006/dsa-1154
- http://secunia.com/advisories/21354
- http://secunia.com/advisories/22487
- http://securitytracker.com/id?1016689
- http://www.novell.com/linux/security/advisories/2006_23_sr.html
- http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
- http://www.vupen.com/english/advisories/2006/3271
- http://secunia.com/advisories/21444
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28365
- http://secunia.com/advisories/22080
- http://attrition.org/pipermail/vim/2006-August/000970.html
- http://www.securityfocus.com/bid/19486
- http://www.redhat.com/support/errata/RHSA-2006-0668.html
- http://www.squirrelmail.org/patches/sqm1.4.7-expired-post-fix-full.patch
- http://www.squirrelmail.org/security/issue/2006-08-11
- http://secunia.com/advisories/22104
- http://www.securityfocus.com/archive/1/442993/100/0/threaded
- http://www.securityfocus.com/archive/1/442980/100/0/threaded
- http://marc.info/?l=full-disclosure&m=115532449024178&w=2
- http://www.osvdb.org/27917
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11533
- http://docs.info.apple.com/article.html?artnum=306172
- http://www.securityfocus.com/bid/25159
- ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:147
- http://secunia.com/advisories/26235
References
- http://secunia.com/advisories/21586
- https://issues.rpath.com/browse/RPL-577
- http://www.vupen.com/english/advisories/2007/2732
- http://www.debian.org/security/2006/dsa-1154
- http://secunia.com/advisories/21354
- http://secunia.com/advisories/22487
- http://securitytracker.com/id?1016689
- http://www.novell.com/linux/security/advisories/2006_23_sr.html
- http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html
- http://www.vupen.com/english/advisories/2006/3271
- http://secunia.com/advisories/21444
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28365
- http://secunia.com/advisories/22080
- http://attrition.org/pipermail/vim/2006-August/000970.html
- http://www.securityfocus.com/bid/19486
- http://www.redhat.com/support/errata/RHSA-2006-0668.html
- http://www.squirrelmail.org/patches/sqm1.4.7-expired-post-fix-full.patch
- http://www.squirrelmail.org/security/issue/2006-08-11
- http://secunia.com/advisories/22104
- http://www.securityfocus.com/archive/1/442993/100/0/threaded
- http://www.securityfocus.com/archive/1/442980/100/0/threaded
- http://marc.info/?l=full-disclosure&m=115532449024178&w=2
- http://www.osvdb.org/27917
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11533
- http://docs.info.apple.com/article.html?artnum=306172
- http://www.securityfocus.com/bid/25159
- ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:147
- http://secunia.com/advisories/26235
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.