New Search

Multiple cross-site scripting (XSS) vulnerabilities in the HTML filter in SquirrelMail 1.4.0 through 1.4.9a allow remote attackers to inject arbitrary web script or HTML via the (1) data: URI in an HTML e-mail attachment or (2) various non-ASCII character sets that are not properly filtered when viewed with Microsoft Internet Explorer.

oval:org.mitre.oval:def:11712

Multiple cross-site scripting (XSS) vulnerabilities in the HTML filter in SquirrelMail 1.4.0 through 1.4.9a allow remote attackers to inject arbitrary web script or HTML via the (1) data: URI in an HTML e-mail attachment or (2) various non-ASCII character sets that are not properly filtered when viewed with Microsoft Internet Explorer.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • CentOS Linux 4
  • Red Hat Enterprise Linux 4
  • CentOS Linux 3
  • Oracle Linux 4
  • Red Hat Enterprise Linux 5
  • Oracle Linux 5
  • Red Hat Enterprise Linux 3
  • CentOS Linux 5
Class:
vulnerability
Reference(s):
  • CVE-2007-1262
Product(s):