Red Hat Bugzilla – Bug 145967
CAN-2005-0103 Multiple issues in squirrelmail (CAN-2005-0104)
Last modified: 2007-11-30 17:07:15 EST
*** This bug has been split off bug 145964 ***
------- Original comment by Josh Bressers (Security Response Team) on 2005.01.24
Two additional issues were fixed in squirrelmail 1.4.4
CAN-2005-0103 for cross site scripting
CAN-2005-0104 for code injectian via unsanitised integer variable
The fixes for these issues are here.
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.