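Vulnerability Details
Multiple SquirrelMail Cross-Site Scripting Vulnerabilities
- CNNVD ID: CNNVD-200304-032
- Severity: Medium
- CVE ID: CVE-2003-0160
- Vulnerability type: Cross-site scripting
- Published: 2003-04-02
- Threat type: Remote
- Updated: 2005-10-20
- Vendor: squirrelmail
- Source: SquirrelMail
Vulnerability Summary
Multiple cross-site scripting (XSS) vulnerabilities exist in SquirrelMail versions before 1.2.11. A remote attacker can exploit them to inject arbitrary HTML code and steal information from the client's web browser.
Vulnerability Advisory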
Red Hat has released a security advisory (RHSA-2003:112-01) containing fixes which address this issue. Users are advised to upgrade as soon as possible.
Squirrelmail 1.2.11 has been released to address this vulnerability.
Conectiva has released a security advisory (CLA-2004:858) to address multiple issues in squirrelmail. Please see the referenced advisory for more information.
Fixes:
SquirrelMail SquirrelMail 1.0.4
- SquirrelMail squirrelmail-1.2.11
  http://www.squirrelmail.org/download.php
SquirrelMail SquirrelMail 1.0.5
- SquirrelMail squirrelmail-1.2.11
  http://www.squirrelmail.org/download.php
SquirrelMail SquirrelMail 1.2.0
- SquirrelMail squirrelmail-1.2.11
  http://www.squirrelmail.org/download.php
SquirrelMail SquirrelMail 1.2.1
- SquirrelMail squirrelmail-1.2.11
  http://www.squirrelmail.org/download.php
SquirrelMail SquirrelMail 1.2.10
- Red Hat squirrelmail-1.2.11-1.noarch.rpm (Red Hat Linux 8.0)
  ftp://updates.redhat.com/8.0/en/os/noarch/squirrelmail-1.2.11-1.noarch.rpm
- Red Hat squirrelmail-1.2.11-1.noarch.rpm (Red Hat Linux 9)
  ftp://updates.redhat.com/9/en/os/noarch/squirrelmail-1.2.11-1.noarch.rpm
- Red Hat squirrelmail-1.2.11-1.src.rpm (Red Hat Linux 8.0)
  ftp://updates.redhat.com/8.0/en/os/SRPMS/squirrelmail-1.2.11-1.src.rpm
- Red Hat squirrelmail-1.2.11-1.src.rpm (Red Hat Linux 9)
  ftp://updates.redhat.com/9/en/os/SRPMS/squirrelmail-1.2.11-1.src.rpm
- SquirrelMail squirrelmail-1.2.11
  http://www.squirrelmail.org/download.php
SquirrelMail SquirrelMail 1.2.2
- SquirrelMail squirrelmail-1.2.11
  http://www.squirrelmail.org/download.php
SquirrelMail SquirrelMail 1.2.3
- SquirrelMail squirrelmail-1.2.11
  http://www.squirrelmail.org/download.php
SquirrelMail SquirrelMail 1.2.4
- SquirrelMail squirrelmail-1.2.11
  http://www.squirrelmail.org/download.php
SquirrelMail SquirrelMail 1.2.5
- SquirrelMail squirrelmail-1.2.11
  http://www.squirrelmail.org/download.php
SquirrelMail SquirrelMail 1.2.6
- Conectiva squirrelmail-1.4.3a-13677U90_1cl.noarch.rpm
  ftp://atualizacoes.conectiva.com.br/9/RPMS/squirrelmail-1.4.3a-13677U90_1cl.noarch.rpm
- Conectiva squirrelmail-doc-1.4.3a-13677U90_1cl.noarch.rpm
  ftp://atualizacoes.conectiva.com.br/9/RPMS/squirrelmail-doc-1.4.3a-13677U90_1cl.noarch.rpm
- SquirrelMail squirrelmail-1.2.11
  http://www.squirrelmail.org/download.php
SquirrelMail SquirrelMail 1.2.7
- SquirrelMail squirrelmail-1.2.11
  http://www.squirrelmail.org/download.php
SquirrelMail SquirrelMail 1.2.8
- SquirrelMail squirrelmail-1.2.11
  http://www.squirrelmail.org/download.php
- Terra Soft Solutions squirrelmail-1.2.11-1.noarch.rpm
  ftp://ftp.yellowdoglinux.com/pub/yellowdog/updates/yellowdog-3.0/ppc/squirrelmail-1.2.11-1.noarch.rpm
SquirrelMail SquirrelMail 1.2.9
- SquirrelMail squirrelmail-1.2.11
  http://www.squirrelmail.org/download.php
References
Source: sourceforge.net
Link: http://sourceforge.net/mailarchive/forum.php?thread_id=1641953&forum_id=1988
Source: REDHAT
Name: RHSA-2003:112
Link: http://www.redhat.com/support/errata/RHSA-2003-112.html
Source: US Government Resource: oval:org.mitre.oval:def:614
Name: oval:org.mitre.oval:def:614
Link: http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:614