OVAL Repository - View Definition: oval:org.mitre.oval:def:1006

OVAL Repository > View Definition

View Definition

NEW SEARCH : BACK

Definition Id: oval:org.mitre.oval:def:1006		Version: 3 Last Modified: 2010-09-02
Title:	SquirrelMail Cross-site Scripting Vulnerability I
Description:	Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.2 allow remote attackers to execute arbitrary script as other users and possibly steal authentication information via multiple attack vectors, including the mailbox parameter in compose.php.
Family:	unix	Class:	vulnerability
Status:	ACCEPTED	Reference(s):	CVE-2004-0519
Platform(s):	Red Hat Enterprise Linux 3	Product(s):	SquirrelMail
Definition Synopsis:
Software section Red Hat Enterprise 3 is installed AND squirrelmail rpm version prior to 1.4.3-0.e3.1 is installed AND php rpm is installed AND Configuration section httpd is listening on the network AND /etc/httpd/modules/libphp4.so exists

NEW SEARCH : BACK

OVAL Repository

About the Repository

OVAL Repository Forum

Author’s Resources

Items of Interest