Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTA-2006-AVI-095
Vulnerability from certfr_avis
Plusieures vulnérabilités dans SquirrelMail permettent à un utilisateur mal intentionné de porter atteinte à l'intégrité ou à la confidentialité des données et également de réaliser une attaque de type Cross-Site Scripting.
Description
Trois vulnérabilités ont été identifiées dans SquirrelMail :
- La première vulnérabilité est due à un manque de contrôle du paramètre right_main du fichier webmail.php. Elle permet à un utilisateur distant mal intentionné d'injecter du code et de réaliser une attaque de type Cross-Site Scripting par le biais d'un courrier électronique malicieusement construit.
- La deuxième vulnérabilité est due à un manque de contrôle dans le traitement des lignes de commentaires dans les zones de définition de styles. Elle permet à un utilisateur distant d'injecter du code et de réaliser une attaque de type Cross-Site Scripting par le biais d'un courrier électronique malicieusement construit.
- La dernière vulnérabilité est due à un manque de contrôle du paramètre sqimap_mailbox_select. Elle permet à un utilisateur local et identifié d'exécuter des commandes IMAP ou SMTP arbitraires et de porter ainsi atteinte à l'intégrité ou la confidentialité des données présentes dans les comptes de messagerie.
Solution
La version CVS de SquirrelMail corrige le problème.
SquirrelMail versions 1.4.5 et antérieures.
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | |
|---|---|---|---|
|
|
|||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cTT\u003eSquirrelMail\u003c/TT\u003e versions 1.4.5 et ant\u00e9rieures.",
"content": "## Description\n\nTrois vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 identifi\u00e9es dans SquirrelMail :\n\n- La premi\u00e8re vuln\u00e9rabilit\u00e9 est due \u00e0 un manque de contr\u00f4le du\n param\u00e8tre right_main du fichier webmail.php. Elle permet \u00e0 un\n utilisateur distant mal intentionn\u00e9 d\u0027injecter du code et de\n r\u00e9aliser une attaque de type Cross-Site Scripting par le biais d\u0027un\n courrier \u00e9lectronique malicieusement construit.\n- La deuxi\u00e8me vuln\u00e9rabilit\u00e9 est due \u00e0 un manque de contr\u00f4le dans le\n traitement des lignes de commentaires dans les zones de d\u00e9finition\n de styles. Elle permet \u00e0 un utilisateur distant d\u0027injecter du code\n et de r\u00e9aliser une attaque de type Cross-Site Scripting par le biais\n d\u0027un courrier \u00e9lectronique malicieusement construit.\n- La derni\u00e8re vuln\u00e9rabilit\u00e9 est due \u00e0 un manque de contr\u00f4le du\n param\u00e8tre sqimap_mailbox_select. Elle permet \u00e0 un utilisateur local\n et identifi\u00e9 d\u0027ex\u00e9cuter des commandes IMAP ou SMTP arbitraires et de\n porter ainsi atteinte \u00e0 l\u0027int\u00e9grit\u00e9 ou la confidentialit\u00e9 des\n donn\u00e9es pr\u00e9sentes dans les comptes de messagerie.\n\n## Solution\n\nLa version CVS de SquirrelMail corrige le probl\u00e8me.\n",
"cves": [
{
"name": "CVE-2006-0195",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-0195"
},
{
"name": "CVE-2006-0377",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-0377"
},
{
"name": "CVE-2006-0188",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-0188"
}
],
"initial_release_date": "2006-02-28T00:00:00",
"last_revision_date": "2006-03-13T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 SquirrelMail du 15 f\u00e9vrier 2006 :",
"url": "http://www.squirrelmail.org/security/issue/2006-02-15"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Mandriva du 27 f\u00e9vrier 2006 :",
"url": "http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:049"
},
{
"title": "Site de SquirrelMail :",
"url": "http://www.squirrelmail.org"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 SquirrelMail du 10 f\u00e9vrier 2006 :",
"url": "http://www.squirrelmail.org/security/issue/2006-02-10"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Debian DSA-988 du 08 mars 2006 :",
"url": "http://www.debian.org/security/2006/dsa-988"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Gentoo GLSA 200603-09 du 12 mars 2006 :",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200603-09.xml"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SR:2006:005 du 03 mars 2006 :",
"url": "http://www.novell.com/linux/security/advisories/2006_05_sr.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 FreeBSD pour squirrelmail du 24 f\u00e9vrier 2006 :",
"url": "http://www.vuxml.org/freebsd/pkg-squirrelmail.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 SquirrelMail du 01 f\u00e9vrier 2006 :",
"url": "http://www.squirrelmail.org/security/issue/2006-02-01"
}
],
"reference": "CERTA-2006-AVI-095",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2006-02-28T00:00:00.000000"
},
{
"description": "ajout de la r\u00e9f\u00e9rence au bulletin de s\u00e9curit\u00e9 FreeBSD.",
"revision_date": "2006-03-08T00:00:00.000000"
},
{
"description": "ajout de la r\u00e9f\u00e9rence au bulletin de s\u00e9curit\u00e9 Debian.",
"revision_date": "2006-03-09T00:00:00.000000"
},
{
"description": "ajout des r\u00e9f\u00e9rences aux bulletins de s\u00e9curit\u00e9 SUSE et Gentoo.",
"revision_date": "2006-03-13T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Attaque de type cross-site scripting"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "Plusieures vuln\u00e9rabilit\u00e9s dans SquirrelMail permettent \u00e0 un utilisateur\nmal intentionn\u00e9 de porter atteinte \u00e0 l\u0027int\u00e9grit\u00e9 ou \u00e0 la confidentialit\u00e9\ndes donn\u00e9es et \u00e9galement de r\u00e9aliser une attaque de type Cross-Site\nScripting.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Squirrelmail",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletins de s\u00e9curit\u00e9 SquirrelMail du 15 f\u00e9vrier 2006",
"url": null
},
{
"published_at": null,
"title": "Bulletins de s\u00e9curit\u00e9 SquirrelMail du 10 f\u00e9vrier 2006",
"url": null
},
{
"published_at": null,
"title": "Bulletins de s\u00e9curit\u00e9 SquirrelMail du 01 f\u00e9vrier 2006",
"url": null
}
]
}
CVE-2006-0195 (GCVE-0-2006-0195)
Vulnerability from cvelistv5
Published
2006-02-24 00:00
Modified
2024-08-07 16:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Interpretation conflict in the MagicHTML filter in SquirrelMail 1.4.0 to 1.4.5 allows remote attackers to conduct cross-site scripting (XSS) attacks via style sheet specifiers with invalid (1) "/*" and "*/" comments, or (2) a newline in a "url" specifier, which is processed by certain web browsers including Internet Explorer.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:25:33.925Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "MDKSA-2006:049",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:049"
},
{
"name": "RHSA-2006:0283",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0283.html"
},
{
"name": "19176",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19176"
},
{
"name": "FEDORA-2006-133",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-March/msg00004.html"
},
{
"name": "SUSE-SR:2006:005",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2006_05_sr.html"
},
{
"name": "20210",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20210"
},
{
"name": "ADV-2006-0689",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0689"
},
{
"name": "18985",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18985"
},
{
"name": "19205",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19205"
},
{
"name": "19960",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19960"
},
{
"name": "16756",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16756"
},
{
"name": "19130",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19130"
},
{
"name": "squirrelmail-magichtml-xss(24848)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24848"
},
{
"name": "20060501-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060501-01-U.asc"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.squirrelmail.org/security/issue/2006-02-10"
},
{
"name": "oval:org.mitre.oval:def:9548",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9548"
},
{
"name": "DSA-988",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-988"
},
{
"name": "19131",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19131"
},
{
"name": "GLSA-200603-09",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200603-09.xml"
},
{
"name": "1015662",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015662"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-02-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Interpretation conflict in the MagicHTML filter in SquirrelMail 1.4.0 to 1.4.5 allows remote attackers to conduct cross-site scripting (XSS) attacks via style sheet specifiers with invalid (1) \"/*\" and \"*/\" comments, or (2) a newline in a \"url\" specifier, which is processed by certain web browsers including Internet Explorer."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "MDKSA-2006:049",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:049"
},
{
"name": "RHSA-2006:0283",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0283.html"
},
{
"name": "19176",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19176"
},
{
"name": "FEDORA-2006-133",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-March/msg00004.html"
},
{
"name": "SUSE-SR:2006:005",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2006_05_sr.html"
},
{
"name": "20210",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20210"
},
{
"name": "ADV-2006-0689",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0689"
},
{
"name": "18985",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18985"
},
{
"name": "19205",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19205"
},
{
"name": "19960",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19960"
},
{
"name": "16756",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16756"
},
{
"name": "19130",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19130"
},
{
"name": "squirrelmail-magichtml-xss(24848)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24848"
},
{
"name": "20060501-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060501-01-U.asc"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.squirrelmail.org/security/issue/2006-02-10"
},
{
"name": "oval:org.mitre.oval:def:9548",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9548"
},
{
"name": "DSA-988",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-988"
},
{
"name": "19131",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19131"
},
{
"name": "GLSA-200603-09",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200603-09.xml"
},
{
"name": "1015662",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015662"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0195",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Interpretation conflict in the MagicHTML filter in SquirrelMail 1.4.0 to 1.4.5 allows remote attackers to conduct cross-site scripting (XSS) attacks via style sheet specifiers with invalid (1) \"/*\" and \"*/\" comments, or (2) a newline in a \"url\" specifier, which is processed by certain web browsers including Internet Explorer."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MDKSA-2006:049",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:049"
},
{
"name": "RHSA-2006:0283",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0283.html"
},
{
"name": "19176",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19176"
},
{
"name": "FEDORA-2006-133",
"refsource": "FEDORA",
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-March/msg00004.html"
},
{
"name": "SUSE-SR:2006:005",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2006_05_sr.html"
},
{
"name": "20210",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20210"
},
{
"name": "ADV-2006-0689",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0689"
},
{
"name": "18985",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18985"
},
{
"name": "19205",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19205"
},
{
"name": "19960",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19960"
},
{
"name": "16756",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16756"
},
{
"name": "19130",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19130"
},
{
"name": "squirrelmail-magichtml-xss(24848)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24848"
},
{
"name": "20060501-01-U",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060501-01-U.asc"
},
{
"name": "http://www.squirrelmail.org/security/issue/2006-02-10",
"refsource": "CONFIRM",
"url": "http://www.squirrelmail.org/security/issue/2006-02-10"
},
{
"name": "oval:org.mitre.oval:def:9548",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9548"
},
{
"name": "DSA-988",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-988"
},
{
"name": "19131",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19131"
},
{
"name": "GLSA-200603-09",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200603-09.xml"
},
{
"name": "1015662",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015662"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-0195",
"datePublished": "2006-02-24T00:00:00",
"dateReserved": "2006-01-13T00:00:00",
"dateUpdated": "2024-08-07T16:25:33.925Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-0188 (GCVE-0-2006-0188)
Vulnerability from cvelistv5
Published
2006-02-24 00:00
Modified
2024-08-07 16:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
webmail.php in SquirrelMail 1.4.0 to 1.4.5 allows remote attackers to inject arbitrary web pages into the right frame via a URL in the right_frame parameter. NOTE: this has been called a cross-site scripting (XSS) issue, but it is different than what is normally identified as XSS.
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:25:34.005Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "MDKSA-2006:049",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:049"
},
{
"name": "RHSA-2006:0283",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0283.html"
},
{
"name": "19176",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19176"
},
{
"name": "squirrelmail-webmail-xss(24847)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24847"
},
{
"name": "FEDORA-2006-133",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-March/msg00004.html"
},
{
"name": "SUSE-SR:2006:005",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2006_05_sr.html"
},
{
"name": "20210",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20210"
},
{
"name": "oval:org.mitre.oval:def:10419",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10419"
},
{
"name": "ADV-2006-0689",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0689"
},
{
"name": "18985",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18985"
},
{
"name": "19205",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19205"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.squirrelmail.org/security/issue/2006-02-01"
},
{
"name": "19960",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19960"
},
{
"name": "16756",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16756"
},
{
"name": "19130",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19130"
},
{
"name": "20060501-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060501-01-U.asc"
},
{
"name": "DSA-988",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-988"
},
{
"name": "19131",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19131"
},
{
"name": "GLSA-200603-09",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200603-09.xml"
},
{
"name": "1015662",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015662"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-02-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "webmail.php in SquirrelMail 1.4.0 to 1.4.5 allows remote attackers to inject arbitrary web pages into the right frame via a URL in the right_frame parameter. NOTE: this has been called a cross-site scripting (XSS) issue, but it is different than what is normally identified as XSS."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "MDKSA-2006:049",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:049"
},
{
"name": "RHSA-2006:0283",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0283.html"
},
{
"name": "19176",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19176"
},
{
"name": "squirrelmail-webmail-xss(24847)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24847"
},
{
"name": "FEDORA-2006-133",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-March/msg00004.html"
},
{
"name": "SUSE-SR:2006:005",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2006_05_sr.html"
},
{
"name": "20210",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20210"
},
{
"name": "oval:org.mitre.oval:def:10419",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10419"
},
{
"name": "ADV-2006-0689",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0689"
},
{
"name": "18985",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18985"
},
{
"name": "19205",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19205"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.squirrelmail.org/security/issue/2006-02-01"
},
{
"name": "19960",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19960"
},
{
"name": "16756",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16756"
},
{
"name": "19130",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19130"
},
{
"name": "20060501-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060501-01-U.asc"
},
{
"name": "DSA-988",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-988"
},
{
"name": "19131",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19131"
},
{
"name": "GLSA-200603-09",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200603-09.xml"
},
{
"name": "1015662",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015662"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0188",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "webmail.php in SquirrelMail 1.4.0 to 1.4.5 allows remote attackers to inject arbitrary web pages into the right frame via a URL in the right_frame parameter. NOTE: this has been called a cross-site scripting (XSS) issue, but it is different than what is normally identified as XSS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MDKSA-2006:049",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:049"
},
{
"name": "RHSA-2006:0283",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0283.html"
},
{
"name": "19176",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19176"
},
{
"name": "squirrelmail-webmail-xss(24847)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24847"
},
{
"name": "FEDORA-2006-133",
"refsource": "FEDORA",
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-March/msg00004.html"
},
{
"name": "SUSE-SR:2006:005",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2006_05_sr.html"
},
{
"name": "20210",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20210"
},
{
"name": "oval:org.mitre.oval:def:10419",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10419"
},
{
"name": "ADV-2006-0689",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0689"
},
{
"name": "18985",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18985"
},
{
"name": "19205",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19205"
},
{
"name": "http://www.squirrelmail.org/security/issue/2006-02-01",
"refsource": "CONFIRM",
"url": "http://www.squirrelmail.org/security/issue/2006-02-01"
},
{
"name": "19960",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19960"
},
{
"name": "16756",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16756"
},
{
"name": "19130",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19130"
},
{
"name": "20060501-01-U",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060501-01-U.asc"
},
{
"name": "DSA-988",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-988"
},
{
"name": "19131",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19131"
},
{
"name": "GLSA-200603-09",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200603-09.xml"
},
{
"name": "1015662",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015662"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-0188",
"datePublished": "2006-02-24T00:00:00",
"dateReserved": "2006-01-12T00:00:00",
"dateUpdated": "2024-08-07T16:25:34.005Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-0377 (GCVE-0-2006-0377)
Vulnerability from cvelistv5
Published
2006-02-24 00:00
Modified
2024-08-07 16:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
CRLF injection vulnerability in SquirrelMail 1.4.0 to 1.4.5 allows remote attackers to inject arbitrary IMAP commands via newline characters in the mailbox parameter of the sqimap_mailbox_select command, aka "IMAP injection."
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:34:14.663Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "MDKSA-2006:049",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:049"
},
{
"name": "RHSA-2006:0283",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0283.html"
},
{
"name": "19176",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19176"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.squirrelmail.org/security/issue/2006-02-15"
},
{
"name": "FEDORA-2006-133",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-March/msg00004.html"
},
{
"name": "SUSE-SR:2006:005",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2006_05_sr.html"
},
{
"name": "20210",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20210"
},
{
"name": "ADV-2006-0689",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0689"
},
{
"name": "18985",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18985"
},
{
"name": "oval:org.mitre.oval:def:11470",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11470"
},
{
"name": "19205",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19205"
},
{
"name": "squirrelmail-mailbox-imap-injection(24849)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24849"
},
{
"name": "19960",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19960"
},
{
"name": "16756",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/16756"
},
{
"name": "19130",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19130"
},
{
"name": "20060501-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060501-01-U.asc"
},
{
"name": "DSA-988",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-988"
},
{
"name": "19131",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19131"
},
{
"name": "GLSA-200603-09",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200603-09.xml"
},
{
"name": "1015662",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015662"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-02-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "CRLF injection vulnerability in SquirrelMail 1.4.0 to 1.4.5 allows remote attackers to inject arbitrary IMAP commands via newline characters in the mailbox parameter of the sqimap_mailbox_select command, aka \"IMAP injection.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-10T00:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "MDKSA-2006:049",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:049"
},
{
"name": "RHSA-2006:0283",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0283.html"
},
{
"name": "19176",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19176"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.squirrelmail.org/security/issue/2006-02-15"
},
{
"name": "FEDORA-2006-133",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-March/msg00004.html"
},
{
"name": "SUSE-SR:2006:005",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2006_05_sr.html"
},
{
"name": "20210",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20210"
},
{
"name": "ADV-2006-0689",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0689"
},
{
"name": "18985",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18985"
},
{
"name": "oval:org.mitre.oval:def:11470",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11470"
},
{
"name": "19205",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19205"
},
{
"name": "squirrelmail-mailbox-imap-injection(24849)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24849"
},
{
"name": "19960",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19960"
},
{
"name": "16756",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/16756"
},
{
"name": "19130",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19130"
},
{
"name": "20060501-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060501-01-U.asc"
},
{
"name": "DSA-988",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-988"
},
{
"name": "19131",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19131"
},
{
"name": "GLSA-200603-09",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-200603-09.xml"
},
{
"name": "1015662",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015662"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0377",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "CRLF injection vulnerability in SquirrelMail 1.4.0 to 1.4.5 allows remote attackers to inject arbitrary IMAP commands via newline characters in the mailbox parameter of the sqimap_mailbox_select command, aka \"IMAP injection.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "MDKSA-2006:049",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:049"
},
{
"name": "RHSA-2006:0283",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0283.html"
},
{
"name": "19176",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19176"
},
{
"name": "http://www.squirrelmail.org/security/issue/2006-02-15",
"refsource": "CONFIRM",
"url": "http://www.squirrelmail.org/security/issue/2006-02-15"
},
{
"name": "FEDORA-2006-133",
"refsource": "FEDORA",
"url": "http://www.redhat.com/archives/fedora-announce-list/2006-March/msg00004.html"
},
{
"name": "SUSE-SR:2006:005",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2006_05_sr.html"
},
{
"name": "20210",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20210"
},
{
"name": "ADV-2006-0689",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0689"
},
{
"name": "18985",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18985"
},
{
"name": "oval:org.mitre.oval:def:11470",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11470"
},
{
"name": "19205",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19205"
},
{
"name": "squirrelmail-mailbox-imap-injection(24849)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24849"
},
{
"name": "19960",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19960"
},
{
"name": "16756",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/16756"
},
{
"name": "19130",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19130"
},
{
"name": "20060501-01-U",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060501-01-U.asc"
},
{
"name": "DSA-988",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-988"
},
{
"name": "19131",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19131"
},
{
"name": "GLSA-200603-09",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-200603-09.xml"
},
{
"name": "1015662",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015662"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-0377",
"datePublished": "2006-02-24T00:00:00",
"dateReserved": "2006-01-23T00:00:00",
"dateUpdated": "2024-08-07T16:34:14.663Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…