Red Hat Bugzilla – Bug 182582
CVE-2006-0195 Possible XSS in MagicHTML (IE only)
Last modified: 2007-11-30 17:11:24 EST
(Text taken from the above URL)
The MagicHTML filter for incoming HTML email did not correctly
disregard comments (/* */) inserted in style sheets ("u/* */rl"). It
also accepted "u\rl" as "url" in styles. These allow a malicious user
to break the privacy of the user by having them request an item from a
remote site when reading the mail. This happens only in browsers that
parse this invalid style; the only one known is Internet Explorer.
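Both bypasses described above work because the filter matches `url` on the raw style text, while the browser acts on the text after comments and backslash escapes are removed. The following is an added example in Python, not SquirrelMail's PHP code or its actual fix, showing canonicalisation before the check; the function names and sample strings are constructed for illustration, and the hex-escape handling goes beyond the two cases in the report.

```python
import re

# CSS comment, possibly spanning lines.
_COMMENT = re.compile(r"/\*.*?\*/", re.DOTALL)
# CSS escape: backslash + 1-6 hex digits, then one optional whitespace char.
_HEX_ESCAPE = re.compile(r"\\([0-9a-fA-F]{1,6})[ \t\r\n\f]?")
# CSS escape: backslash + any other non-newline char stands for that char.
_CHAR_ESCAPE = re.compile(r"\\([^\r\n\f0-9a-fA-F])")
_URL_TOKEN = re.compile(r"url\s*\(", re.IGNORECASE)


def _decode_hex(match):
    cp = int(match.group(1), 16)
    return chr(cp) if 0 < cp <= 0x10FFFF else "\ufffd"


def canonicalize_css(style):
    """Reduce style text to what the most lenient parser would act on."""
    prev = None
    # Repeat until stable: removing one construct can expose another.
    # Over-decoding only causes false positives, which is the safe side.
    while prev != style:
        prev = style
        style = _COMMENT.sub("", style)          # "u/* */rl" -> "url"
        style = _HEX_ESCAPE.sub(_decode_hex, style)
        style = _CHAR_ESCAPE.sub(r"\1", style)   # "u\rl" -> "url"
    return style


def naive_match(style):
    """Match on raw text, the kind of check the report says was bypassed."""
    return bool(_URL_TOKEN.search(style))


def references_remote_resource(style):
    """Match after canonicalisation."""
    return bool(_URL_TOKEN.search(canonicalize_css(style)))


# Constructed sample inputs; the host name is a placeholder.
SAMPLES = {
    "plain": "background: url(http://tracker.example.invalid/a.gif)",
    "comment": "background: u/* */rl(http://tracker.example.invalid/a.gif)",
    "backslash": "background: u\\rl(http://tracker.example.invalid/a.gif)",
    "benign": "color: red; /* a note */ font-weight: bold",
}

if __name__ == "__main__":
    for name, style in SAMPLES.items():
        print(name, naive_match(style), references_remote_resource(style))
```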
squirrelmail-1.4.6-1.fc4 has been pushed for FC4, which should resolve this issue. If these problems are still present in this version, then please make note of it in this bug report.
Not sure why this wasn't closed earlier.