CVE-2006-4019
Published Aug 11, 2006
Last updated 6 years ago
Overview
- Description
- Dynamic variable evaluation vulnerability in compose.php in SquirrelMail 1.4.0 to 1.4.7 allows remote attackers to overwrite arbitrary program variables and read or write the attachments and preferences of other users.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 6.4
- Impact score
- 4.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:N
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Evaluator
- Comment
- -
- Impact
- -
- Solution
- -
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2C179A3C-8C8C-429B-BACA-8ADAE4170465"
},
{
"criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4AD31177-05BB-4623-AED7-765DB7E44E47"
},
{
"criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "20247A22-9AB9-4BCE-BF28-350B52FBC62D"
},
{
"criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "79E6734C-EE1C-40B6-9759-15298707A6F5"
},
{
"criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.3_r3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F6733B8C-5A9E-45CE-8938-F39A69EB0DC1"
},
{
"criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.3_rc1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B08E51F1-3764-4146-89C1-20B9B8EE1222"
},
{
"criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.3a:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CD4071B2-3D4F-4755-98B1-E28CEB05EA8B"
},
{
"criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BF6591E5-5F36-4663-85A6-9D870FD49FC7"
},
{
"criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.4_rc1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D062B70A-E5FF-403B-8BD1-777D6462B7CC"
},
{
"criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4D4CFD4D-EAC3-4325-A87F-9D5F4C513208"
},
{
"criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3A884536-4D27-4350-B815-AB4E625879DC"
},
{
"criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.6_rc1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C7ED3CC3-E0A8-4C20-9EF7-405CD32E9EF7"
},
{
"criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BD89F143-EEBF-472D-9653-E7534F5799FF"
},
{
"criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.4_rc1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "442BF5C9-DC58-4A94-A634-33D6A4F3C6DD"
},
{
"criteria": "cpe:2.3:a:squirrelmail:squirrelmail:1.44:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A0C44025-C79D-4791-8EF6-3E26786E194E"
}
],
"operator": "OR"
}
]
}
]