CVE-2010-4554

Published: Jul 14, 2011

Modified: Aug 7, 2024

PUBLISHED

Description

functions/page_header.php in SquirrelMail 1.4.21 and earlier does not prevent page rendering inside a frame in a third-party HTML document, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

DSA-2291

vendor-advisory

x_refsource_DEBIAN

squirrelmail-http-clickjacking(68512)

vdb-entry

x_refsource_XF

http://support.apple.com/kb/HT5130

x_refsource_CONFIRM

http://www.squirrelmail.org/security/issue/2011-07-12

x_refsource_CONFIRM

https://bugzilla.redhat.com/show_bug.cgi?id=720693

x_refsource_CONFIRM

MDVSA-2011:123

vendor-advisory

x_refsource_MANDRIVA

APPLE-SA-2012-02-01-1

vendor-advisory

x_refsource_APPLE

http://squirrelmail.svn.sourceforge.net/viewvc/squirrelmail/branches/SM-1_4-STABLE/squirrelmail/functions/page_header.php?view=patch&r1=14117&r2=14116&pathrev=14117

x_refsource_CONFIRM

RHSA-2012:0103

vendor-advisory

x_refsource_REDHAT

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2010-4554

Description

Affected Products

References