CVE-2011-2753

Multiple cross-site request forgery (CSRF) vulnerabilities in SquirrelMail 1.4.21 and earlier allow remote attackers to hijack the authentication of unspecified victims via vectors involving (1) the empty trash implementation and (2) the Index Order (aka options_order) page, a different issue than CVE-2010-4555.

CVSS v2.0 6.8 MEDIUM

6.8^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability : 8.6 / Impact : 6.4

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://squirrelmail.svn.sourceforge.net/viewvc/squirrelmail?view=revision&revision=14119	Patch
https://bugzilla.redhat.com/show_bug.cgi?id=720694	Patch
http://www.debian.org/security/2011/dsa-2291
http://www.mandriva.com/security/advisories?name=MDVSA-2011:123
http://rhn.redhat.com/errata/RHSA-2012-0103.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/68586

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:squirrelmail:squirrelmail:0.1:::::::*
	cpe:2.3:a:squirrelmail:squirrelmail:0.4:::::::*
	cpe:2.3:a:squirrelmail:squirrelmail:1.4.17:::::::*
	cpe:2.3:a:squirrelmail:squirrelmail:1.4.0:rc2a::::::
	cpe:2.3:a:squirrelmail:squirrelmail:1.4.19:::::::*
	cpe:2.3:a:squirrelmail:squirrelmail:1.4.10:::::::*
	cpe:2.3:a:squirrelmail:squirrelmail:1.3.0:::::::*
	cpe:2.3:a:squirrelmail:squirrelmail:1.0pre1:::::::*
	cpe:2.3:a:squirrelmail:squirrelmail:1.0pre2:::::::*
	cpe:2.3:a:squirrelmail:squirrelmail:1.0pre3:::::::*
	cpe:2.3:a:squirrelmail:squirrelmail:0.5pre2:::::::*
	cpe:2.3:a:squirrelmail:squirrelmail:1.0.6:::::::*
	cpe:2.3:a:squirrelmail:squirrelmail:1.0.5:::::::*
	cpe:2.3:a:squirrelmail:squirrelmail:1.4.6:::::::*
	cpe:2.3:a:squirrelmail:squirrelmail:1.4.3:r3::::::
	cpe:2.3:a:squirrelmail:squirrelmail:1.4.16:::::::*
	cpe:2.3:a:squirrelmail:squirrelmail:1.1.2:::::::*
	cpe:2.3:a:squirrelmail:squirrelmail:1.4.2-r5:::::::*
	cpe:2.3:a:squirrelmail:squirrelmail:1.4.4:rc1::::::
	cpe:2.3:a:squirrelmail:squirrelmail:0.3pre2:::::::*
	cpe:2.3:a:squirrelmail:squirrelmail:1.4.20:::::::*
	cpe:2.3:a:squirrelmail:squirrelmail:1.4.0:::::::*
	cpe:2.3:a:squirrelmail:squirrelmail:1.4.0:rc1::::::
	cpe:2.3:a:squirrelmail:squirrelmail:1.1.3:::::::*
	cpe:2.3:a:squirrelmail:squirrelmail:1.2.4:::::::*
	cpe:2.3:a:squirrelmail:squirrelmail:0.5pre1:::::::*
	cpe:2.3:a:squirrelmail:squirrelmail:1.4.2-r2:::::::*
	cpe:2.3:a:squirrelmail:squirrelmail:1.4.10a:::::::*
	cpe:2.3:a:squirrelmail:squirrelmail:1.4.2-r4:::::::*
	cpe:2.3:a:squirrelmail:squirrelmail:0.3pre1:::::::*
	cpe:2.3:a:squirrelmail:squirrelmail:1.4.11:::::::*
	cpe:2.3:a:squirrelmail:squirrelmail:0.5:::::::*
	cpe:2.3:a:squirrelmail:squirrelmail:1.4.5:::::::*
	cpe:2.3:a:squirrelmail:squirrelmail:1.3.1:::::::*
	cpe:2.3:a:squirrelmail:squirrelmail:1.4.2:::::::*
	cpe:2.3:a:squirrelmail:squirrelmail:0.3:::::::*
	cpe:2.3:a:squirrelmail:squirrelmail:1.2.0:rc3::::::
	cpe:2.3:a:squirrelmail:squirrelmail:1.1.0:::::::*
	cpe:2.3:a:squirrelmail:squirrelmail:0.3.1:::::::*
	cpe:2.3:a:squirrelmail:squirrelmail:1.4.0-r1:::::::*
	cpe:2.3:a:squirrelmail:squirrelmail:0.1.2:::::::*
	cpe:2.3:a:squirrelmail:squirrelmail:1.2.7:::::::*
	cpe:2.3:a:squirrelmail:squirrelmail:1.2.6:rc1::::::
	cpe:2.3:a:squirrelmail:squirrelmail:1.4.13:::::::*
	cpe:2.3:a:squirrelmail:squirrelmail:0.2.1:::::::*
	cpe:2.3:a:squirrelmail:squirrelmail:1.4.12:::::::*
	cpe:2.3:a:squirrelmail:squirrelmail:1.4.9a:::::::*
	cpe:2.3:a:squirrelmail:squirrelmail:1.4.7:::::::*
	cpe:2.3:a:squirrelmail:squirrelmail:1.4.2-r3:::::::*
	cpe:2.3:a:squirrelmail:squirrelmail:1.1.1:::::::*
	cpe:2.3:a:squirrelmail:squirrelmail:1.4:rc1::::::
	cpe:2.3:a:squirrelmail:squirrelmail:1.4.15rc1:::::::*
	cpe:2.3:a:squirrelmail:squirrelmail:1.4.3:::::::*
	cpe:2.3:a:squirrelmail:squirrelmail:0.1.1:::::::*
	cpe:2.3:a:squirrelmail:squirrelmail:1.3.2:::::::*
	cpe:2.3:a:squirrelmail:squirrelmail:1.4.3:rc1::::::
	cpe:2.3:a:squirrelmail:squirrelmail:1.4.1:::::::*
	cpe:2.3:a:squirrelmail:squirrelmail:1.2:::::::*
	cpe:2.3:a:squirrelmail:squirrelmail:1.4.8:::::::*
	cpe:2.3:a:squirrelmail:squirrelmail:1.4.6_cvs:::::::*
	cpe:2.3:a:squirrelmail:squirrelmail:1.4.5:rc1::::::
	cpe:2.3:a:squirrelmail:squirrelmail:1.2.3:::::::*
	cpe:2.3:a:squirrelmail:squirrelmail:1.4.3a:::::::*
	cpe:2.3:a:squirrelmail:squirrelmail:1.4.2-r1:::::::*
cpe:2.3:a:squirrelmail:squirrelmail:1.0.2:::::::*
cpe:2.3:a:squirrelmail:squirrelmail:1.4.6:rc1::::::
cpe:2.3:a:squirrelmail:squirrelmail:1.2.6:::::::*
cpe:2.3:a:squirrelmail:squirrelmail:1.4.15:rc1::::::
cpe:2.3:a:squirrelmail:squirrelmail:1.4.8.4fc6:::::::*
cpe:2.3:a:squirrelmail:squirrelmail:1.4.18:::::::*
cpe:2.3:a:squirrelmail:squirrelmail:1.2.10:::::::*
cpe:2.3:a:squirrelmail:squirrelmail::::::::
cpe:2.3:a:squirrelmail:squirrelmail:1.2.5:::::::*
cpe:2.3:a:squirrelmail:squirrelmail:1.0.3:::::::*
cpe:2.3:a:squirrelmail:squirrelmail:0.2:::::::*
cpe:2.3:a:squirrelmail:squirrelmail:1.2.8:::::::*
cpe:2.3:a:squirrelmail:squirrelmail:1.2.11:::::::*
cpe:2.3:a:squirrelmail:squirrelmail:0.4pre2:::::::*
cpe:2.3:a:squirrelmail:squirrelmail:1.0.1:::::::*
cpe:2.3:a:squirrelmail:squirrelmail:1.2.0:::::::*
cpe:2.3:a:squirrelmail:squirrelmail:1.2.9:::::::*
cpe:2.3:a:squirrelmail:squirrelmail:1.4.15:::::::*
cpe:2.3:a:squirrelmail:squirrelmail:1.2.2:::::::*
cpe:2.3:a:squirrelmail:squirrelmail:1.2.1:::::::*
cpe:2.3:a:squirrelmail:squirrelmail:1.4.9:::::::*
cpe:2.3:a:squirrelmail:squirrelmail:1.4:::::::*
cpe:2.3:a:squirrelmail:squirrelmail:1.0.4:::::::*
cpe:2.3:a:squirrelmail:squirrelmail:1.4.4:::::::*
cpe:2.3:a:squirrelmail:squirrelmail:1.4.3aa:::::::*
cpe:2.3:a:squirrelmail:squirrelmail:0.4pre1:::::::*
cpe:2.3:a:squirrelmail:squirrelmail:1.0:::::::*

Information

Published : 2011-07-17 13:55

Updated : 2017-08-28 18:29

NVD link : CVE-2011-2753

Mitre link : CVE-2011-2753

JSON object : View

CWE

CWE-352

Cross-Site Request Forgery (CSRF)

Products Affected

squirrelmail

squirrelmail

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://squirrelmail.svn.sourceforge.net/viewvc/squirrelmail?view=revision&revision=14119", "name": "http://squirrelmail.svn.sourceforge.net/viewvc/squirrelmail?view=revision&revision=14119", "tags": ["Patch"], "refsource": "CONFIRM"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=720694", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=720694", "tags": ["Patch"], "refsource": "CONFIRM"}, {"url": "http://www.debian.org/security/2011/dsa-2291", "name": "DSA-2291", "tags": [], "refsource": "DEBIAN"}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2011:123", "name": "MDVSA-2011:123", "tags": [], "refsource": "MANDRIVA"}, {"url": "http://rhn.redhat.com/errata/RHSA-2012-0103.html", "name": "RHSA-2012:0103", "tags": [], "refsource": "REDHAT"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68586", "name": "squirrelmail-authentication-csrf(68586)", "tags": [], "refsource": "XF"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Multiple cross-site request forgery (CSRF) vulnerabilities in SquirrelMail 1.4.21 and earlier allow remote attackers to hijack the authentication of unspecified victims via vectors involving (1) the empty trash implementation and (2) the Index Order (aka options_order) page, a different issue than CVE-2010-4555."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-352"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2011-2753", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 6.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "MEDIUM", "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}}, "publishedDate": "2011-07-17T20:55Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:0.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.17:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.0:rc2a:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.19:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.0pre1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.0pre2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.0pre3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:0.5pre2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.0.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.0.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.3:r3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.16:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.1.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.2-r5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.4:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:0.3pre2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.20:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.0:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.1.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.2.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:0.5pre1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.2-r2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.10a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.2-r4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:0.3pre1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.11:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:0.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.3.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:0.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.2.0:rc3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:0.3.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.0-r1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:0.1.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.2.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.2.6:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.13:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:0.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.12:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.9a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.2-r3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.15rc1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:0.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.3.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.3:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.6_cvs:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.5:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.2.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.3a:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.2-r1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.6:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.2.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.15:rc1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.8.4fc6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.18:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.2.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "1.4.21"}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.2.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.0.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.2.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.2.11:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:0.4pre2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.2.9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.15:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.2.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.2.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.0.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.3aa:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:0.4pre1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:squirrelmail:squirrelmail:1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2017-08-29T01:29Z"}

6.8 /10