5.8
CVE-2011-2752
- EPSS 1.94%
- Veröffentlicht 17.07.2011 20:55:01
- Zuletzt bearbeitet 16.06.2026 23:31:55
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
CRLF injection vulnerability in SquirrelMail 1.4.21 and earlier allows remote attackers to modify or add preference values via a \n (newline) character, a different vulnerability than CVE-2010-4555.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Squirrelmail ≫ Squirrelmail Version <= 1.4.21
Squirrelmail ≫ Squirrelmail Version0.1
Squirrelmail ≫ Squirrelmail Version0.1.1
Squirrelmail ≫ Squirrelmail Version0.1.2
Squirrelmail ≫ Squirrelmail Version0.2
Squirrelmail ≫ Squirrelmail Version0.2.1
Squirrelmail ≫ Squirrelmail Version0.3
Squirrelmail ≫ Squirrelmail Version0.3.1
Squirrelmail ≫ Squirrelmail Version0.3pre1
Squirrelmail ≫ Squirrelmail Version0.3pre2
Squirrelmail ≫ Squirrelmail Version0.4
Squirrelmail ≫ Squirrelmail Version0.4pre1
Squirrelmail ≫ Squirrelmail Version0.4pre2
Squirrelmail ≫ Squirrelmail Version0.5
Squirrelmail ≫ Squirrelmail Version0.5pre1
Squirrelmail ≫ Squirrelmail Version0.5pre2
Squirrelmail ≫ Squirrelmail Version1.0
Squirrelmail ≫ Squirrelmail Version1.0.1
Squirrelmail ≫ Squirrelmail Version1.0.2
Squirrelmail ≫ Squirrelmail Version1.0.3
Squirrelmail ≫ Squirrelmail Version1.0.4
Squirrelmail ≫ Squirrelmail Version1.0.5
Squirrelmail ≫ Squirrelmail Version1.0.6
Squirrelmail ≫ Squirrelmail Version1.0pre1
Squirrelmail ≫ Squirrelmail Version1.0pre2
Squirrelmail ≫ Squirrelmail Version1.0pre3
Squirrelmail ≫ Squirrelmail Version1.1.0
Squirrelmail ≫ Squirrelmail Version1.1.1
Squirrelmail ≫ Squirrelmail Version1.1.2
Squirrelmail ≫ Squirrelmail Version1.1.3
Squirrelmail ≫ Squirrelmail Version1.2
Squirrelmail ≫ Squirrelmail Version1.2.0
Squirrelmail ≫ Squirrelmail Version1.2.0 Updaterc3
Squirrelmail ≫ Squirrelmail Version1.2.1
Squirrelmail ≫ Squirrelmail Version1.2.2
Squirrelmail ≫ Squirrelmail Version1.2.3
Squirrelmail ≫ Squirrelmail Version1.2.4
Squirrelmail ≫ Squirrelmail Version1.2.5
Squirrelmail ≫ Squirrelmail Version1.2.6
Squirrelmail ≫ Squirrelmail Version1.2.6 Updaterc1
Squirrelmail ≫ Squirrelmail Version1.2.7
Squirrelmail ≫ Squirrelmail Version1.2.8
Squirrelmail ≫ Squirrelmail Version1.2.9
Squirrelmail ≫ Squirrelmail Version1.2.10
Squirrelmail ≫ Squirrelmail Version1.2.11
Squirrelmail ≫ Squirrelmail Version1.3.0
Squirrelmail ≫ Squirrelmail Version1.3.1
Squirrelmail ≫ Squirrelmail Version1.3.2
Squirrelmail ≫ Squirrelmail Version1.4
Squirrelmail ≫ Squirrelmail Version1.4 Updaterc1
Squirrelmail ≫ Squirrelmail Version1.4.0
Squirrelmail ≫ Squirrelmail Version1.4.0 Updaterc1
Squirrelmail ≫ Squirrelmail Version1.4.0 Updaterc2a
Squirrelmail ≫ Squirrelmail Version1.4.0-r1
Squirrelmail ≫ Squirrelmail Version1.4.1
Squirrelmail ≫ Squirrelmail Version1.4.2
Squirrelmail ≫ Squirrelmail Version1.4.2-r1
Squirrelmail ≫ Squirrelmail Version1.4.2-r2
Squirrelmail ≫ Squirrelmail Version1.4.2-r3
Squirrelmail ≫ Squirrelmail Version1.4.2-r4
Squirrelmail ≫ Squirrelmail Version1.4.2-r5
Squirrelmail ≫ Squirrelmail Version1.4.3
Squirrelmail ≫ Squirrelmail Version1.4.3 Updater3
Squirrelmail ≫ Squirrelmail Version1.4.3 Updaterc1
Squirrelmail ≫ Squirrelmail Version1.4.3a
Squirrelmail ≫ Squirrelmail Version1.4.3aa
Squirrelmail ≫ Squirrelmail Version1.4.4
Squirrelmail ≫ Squirrelmail Version1.4.4 Updaterc1
Squirrelmail ≫ Squirrelmail Version1.4.5
Squirrelmail ≫ Squirrelmail Version1.4.5 Updaterc1
Squirrelmail ≫ Squirrelmail Version1.4.6
Squirrelmail ≫ Squirrelmail Version1.4.6 Updaterc1
Squirrelmail ≫ Squirrelmail Version1.4.6_cvs
Squirrelmail ≫ Squirrelmail Version1.4.7
Squirrelmail ≫ Squirrelmail Version1.4.8
Squirrelmail ≫ Squirrelmail Version1.4.8.4fc6
Squirrelmail ≫ Squirrelmail Version1.4.9
Squirrelmail ≫ Squirrelmail Version1.4.9a
Squirrelmail ≫ Squirrelmail Version1.4.10
Squirrelmail ≫ Squirrelmail Version1.4.10a
Squirrelmail ≫ Squirrelmail Version1.4.11
Squirrelmail ≫ Squirrelmail Version1.4.12
Squirrelmail ≫ Squirrelmail Version1.4.13
Squirrelmail ≫ Squirrelmail Version1.4.15
Squirrelmail ≫ Squirrelmail Version1.4.15 Updaterc1
Squirrelmail ≫ Squirrelmail Version1.4.15rc1
Squirrelmail ≫ Squirrelmail Version1.4.16
Squirrelmail ≫ Squirrelmail Version1.4.17
Squirrelmail ≫ Squirrelmail Version1.4.18
Squirrelmail ≫ Squirrelmail Version1.4.19
Squirrelmail ≫ Squirrelmail Version1.4.20
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.94% | 0.774 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.8 | 8.6 | 4.9 |
AV:N/AC:M/Au:N/C:N/I:P/A:P
|
CWE-94 Improper Control of Generation of Code ('Code Injection')
The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
http://rhn.redhat.com/errata/RHSA-2012-0103.html
http://www.debian.org/security/2011/dsa-2291
http://www.mandriva.com/security/advisories?name=MDVSA-2011:123
http://www.squirrelmail.org/security/issue/2011-07-11
https://exchange.xforce.ibmcloud.com/vulnerabilities/68587