===================================================================== CERT-Renater Note d'Information No. 2006/VULN549 _____________________________________________________________________ DATE : 07/12/2006 HARDWARE PLATFORM(S) : / OPERATING SYSTEM(S) : Systems running squirrelmail. ====================================================================== http://www.squirrelmail.org/security/issue/2006-12-02 ---------------------------------------------------------------------- Cross site scripting in compose, draft & HTML mail viewing Date: 2006-12-02 Description: Cross site scripting via malicious input the mailto parameter of webmail.php, the session and delete_draft parameters of compose.php. This has been addressed in 1.4.9. Cross site scripting via a shortcoming in the magicHTML filter. This has been addressed in 1.4.9 and improved in 1.4.9a. Affected Versions: 1.4.0 - 1.4.9 Register Globals: Register_globals does not have to be on for this issue. CVE id('s): CVE-2006-6142 Patch: view patch http://www.squirrelmail.org/patches/1.4.9-security/stable/ Credits: Thanks go to Martijn Brinkers for his continuous research that uncovered these problems. ====================================================================== ========================================================= Les serveurs de référence du CERT-Renater http://www.urec.fr/securite http://www.cru.fr/securite http://www.renater.fr ========================================================= + CERT-RENATER | tel : 01-53-94-20-44 + + 151 bd de l'Hopital | fax : 01-53-94-20-41 + + 75013 Paris | email: certsvp@renater.fr + =========================================================