6.8

CVE-2004-0519

Exploit

EPSS 0.19%
Veröffentlicht 18.08.2004 04:00:00
Zuletzt bearbeitet 16.04.2026 00:27:16
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.2 allow remote attackers to execute arbitrary script as other users and possibly steal authentication information via multiple attack vectors, including the mailbox parameter in compose.php.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 21

NVD 18 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Sgi ≫ Propack Version3.0

Squirrelmail ≫ Squirrelmail Version1.0.4

Squirrelmail ≫ Squirrelmail Version1.0.5

Squirrelmail ≫ Squirrelmail Version1.2.0

Squirrelmail ≫ Squirrelmail Version1.2.1

Squirrelmail ≫ Squirrelmail Version1.2.2

Squirrelmail ≫ Squirrelmail Version1.2.3

Squirrelmail ≫ Squirrelmail Version1.2.4

Squirrelmail ≫ Squirrelmail Version1.2.5

Squirrelmail ≫ Squirrelmail Version1.2.6

Squirrelmail ≫ Squirrelmail Version1.2.7

Squirrelmail ≫ Squirrelmail Version1.2.8

Squirrelmail ≫ Squirrelmail Version1.2.9

Squirrelmail ≫ Squirrelmail Version1.2.10

Squirrelmail ≫ Squirrelmail Version1.2.11

Squirrelmail ≫ Squirrelmail Version1.4

Squirrelmail ≫ Squirrelmail Version1.4.1

Squirrelmail ≫ Squirrelmail Version1.4.2

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.19%	0.405

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.8	8.6	6.4	AV:N/AC:M/Au:N/C:P/I:P/A:P

Es wurden noch keine Informationen zu CWE veröffentlicht.

ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc

Patch

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000858

http://www.debian.org/security/2004/dsa-535

Patch

Vendor Advisory

http://marc.info/?l=bugtraq&m=108334862800260

http://rhn.redhat.com/errata/RHSA-2004-240.html

Patch

Vendor Advisory

http://secunia.com/advisories/11531

Patch

Vendor Advisory

http://secunia.com/advisories/11686

Patch

Vendor Advisory

http://secunia.com/advisories/11870

Patch

Vendor Advisory

http://secunia.com/advisories/12289

Patch

http://security.gentoo.org/glsa/glsa-200405-16.xml

Vendor Advisory

http://www.novell.com/linux/security/advisories/2005_19_sr.html

Vendor Advisory

http://www.securityfocus.com/advisories/6827

Patch

Vendor Advisory

http://www.securityfocus.com/archive/1/361857

http://www.securityfocus.com/bid/10246

Patch

Exploit

https://bugzilla.fedora.us/show_bug.cgi?id=1733

Patch

https://exchange.xforce.ibmcloud.com/vulnerabilities/16025

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1006

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10274

https://nvd.nist.gov/vuln/detail/CVE-2004-0519

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2004-0519

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2004-0519

EUVD