SquirrelMail 'mail_fetch' Remote Information Disclosure Vulnerability Network Vulnerability

Summary

SquirrelMail is prone to a remote information-disclosure vulnerability. Attackers can exploit this issue to obtain potentially sensitive information that may lead to further attacks. This issue affects SquirrelMail 1.4.x versions.

Solution

Updates are available. Please see the references for more information.

References

http://conference.hitb.org/hitbsecconf2010dxb/materials/D1%20-%20Laurent%20Oudot%20-%20Improving%20the%20Stealthiness%20of%20Web%20Hacking.pdf#page=69
http://www.squirrelmail.org
https://www.securityfocus.com/bid/40291

Updated on 2017-03-28

Severity

Classification

CVE CVE-2010-1637

CVSS	Base Score: 4.0 AV:N/AC:L/Au:S/C:P/I:N/A:N

Related Vulnerabilities

Andy's PHP Knowledgebase Multiple Cross-Site Scripting Vulnerabilities
Andromeda Streaming MP3 Server Cross Site Scripting Vulnerability
Apache ActiveMQ Multiple Vulnerabilities
Adiscon LogAnalyzer 'highlight' Parameter Cross Site Scripting Vulnerability
Apache Tomcat RemoteFilterValve Security Bypass Vulnerability

Take action and discover your vulnerabilities