Download
| Alert*
oval:org.secpod.oval:def:102939
SquirrelMail is a basic webmail package written in PHP4. It includes built-in pure PHP support for the IMAP and SMTP protocols, and all pages render in pure HTML 4.0 for maximum compatibility across browsers. It has very few requirements and is very easy to configure and install. oval:org.secpod.oval:def:600607 Various vulnerabilities have been found in SquirrelMail, a webmail application. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities: CVE-2010-4554 SquirrelMail did not prevent page rendering inside a third-party HTML frame, which makes it easier for remote attac ... oval:org.secpod.oval:def:102751 SquirrelMail is a basic webmail package written in PHP4. It includes built-in pure PHP support for the IMAP and SMTP protocols, and all pages render in pure HTML 4.0 for maximum compatibility across browsers. It has very few requirements and is very easy to configure and install. oval:org.secpod.oval:def:3929 The host is installed with Apple Mac OS X 10.6.8 and is prone to a security bypass vulnerability. A flaw is present in the application, which fails to handle a modified POP3 port number. Successful exploitation could allow remote authenticated users to bypass firewall restrictions. oval:org.secpod.oval:def:3927 The host is installed with Apple Mac OS X 10.6.8 and is prone to a click-jacking attack vulnerability. A flaw is present in the application, which fails to prevent page rendering inside a frame in a third-party HTML document. Successful exploitation could allow attackers to inject arbitrary code. oval:org.secpod.oval:def:202278 SquirrelMail is a standards-based webmail package written in PHP. A cross-site scripting flaw was found in the way SquirrelMail performed the sanitization of HTML style tag content. A remote attacker could use this flaw to send a specially-crafted Multipurpose Internet Mail Extensions message that ... oval:org.secpod.oval:def:500729 SquirrelMail is a standards-based webmail package written in PHP. A cross-site scripting flaw was found in the way SquirrelMail performed the sanitization of HTML style tag content. A remote attacker could use this flaw to send a specially-crafted Multipurpose Internet Mail Extensions message that ... oval:org.secpod.oval:def:3930 The host is missing a critical security update according to Apple advisory, APPLE-SA-2012-02-01-1. The update is required to fix multiple vulnerabilities. The flaws are present in the applications which fail to sanitize user supplied input. Successful exploitation could allow attackers to execute ar ... oval:org.secpod.oval:def:202233 SquirrelMail is a standards-based webmail package written in PHP. A cross-site scripting flaw was found in the way SquirrelMail performed the sanitization of HTML style tag content. A remote attacker could use this flaw to send a specially-crafted Multipurpose Internet Mail Extensions message that ... |