oval:org.mitre.oval:def:23175
Definition Id: oval:org.mitre.oval:def:23175 | |||
Oval ID: | oval:org.mitre.oval:def:23175 | ||
Title: | ELSA-2012:0103: squirrelmail security update (Moderate) | ||
Description: | Multiple cross-site request forgery (CSRF) vulnerabilities in SquirrelMail 1.4.21 and earlier allow remote attackers to hijack the authentication of unspecified victims via vectors involving (1) the empty trash implementation and (2) the Index Order (aka options_order) page, a different issue than CVE-2010-4555. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2012:0103-01 CVE-2010-1637 CVE-2010-2813 CVE-2010-4554 CVE-2010-4555 CVE-2011-2023 CVE-2011-2752 CVE-2011-2753 | Version: | 33 |
Platform(s): | Oracle Linux 5 | Product(s): | squirrelmail |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:15459 | |||
Oval ID: | oval:org.mitre.oval:def:15459 | ||
Title: | Oracle Linux 5.x | ||
Description: | The operating system installed on the system is Oracle Linux 5.x | ||
Family: | unix | Class: | inventory |
Reference(s): | cpe:/o:oracle:linux:5 | Version: | 7 |
Platform(s): | Oracle Linux 5 | Product(s): | |
Definition Synopsis: | |||
Referenced By: | |||
oval:org.mitre.oval:def:23175 |