QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2006-4019

Back to search

CVE-2006-4019

Published: Aug 11, 2006

Modified: Aug 7, 2024

PUBLISHED

Description

Dynamic variable evaluation vulnerability in compose.php in SquirrelMail 1.4.0 to 1.4.7 allows remote attackers to overwrite arbitrary program variables and read or write the attachments and preferences of other users.

VendorProductVersions

n/a

n/a

affected
n/a

References

21586
third-party-advisory
x_refsource_SECUNIA
ADV-2007-2732
vdb-entry
x_refsource_VUPEN
DSA-1154
vendor-advisory
x_refsource_DEBIAN
21354
third-party-advisory
x_refsource_SECUNIA
22487
third-party-advisory
x_refsource_SECUNIA
1016689
vdb-entry
x_refsource_SECTRACK
SUSE-SR:2006:023
vendor-advisory
x_refsource_SUSE
APPLE-SA-2007-07-31
vendor-advisory
x_refsource_APPLE
ADV-2006-3271
vdb-entry
x_refsource_VUPEN
21444
third-party-advisory
x_refsource_SECUNIA
22080
third-party-advisory
x_refsource_SECUNIA
19486
vdb-entry
x_refsource_BID
RHSA-2006:0668
vendor-advisory
x_refsource_REDHAT
22104
third-party-advisory
x_refsource_SECUNIA
20060811 rPSA-2006-0152-1 squirrelmail
mailing-list
x_refsource_BUGTRAQ
20060811 rPSA-2006-0152-1 squirrelmail
mailing-list
x_refsource_FULLDISC
27917
vdb-entry
x_refsource_OSVDB
oval:org.mitre.oval:def:11533
vdb-entry
signature
x_refsource_OVAL
25159
vdb-entry
x_refsource_BID
MDKSA-2006:147
vendor-advisory
x_refsource_MANDRIVA
26235
third-party-advisory
x_refsource_SECUNIA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now