oval:org.mitre.oval:def:1006

Definition Id: oval:org.mitre.oval:def:1006

Oval ID:	oval:org.mitre.oval:def:1006
Title:	SquirrelMail Cross-site Scripting Vulnerability I
Description:	Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.2 allow remote attackers to execute arbitrary script as other users and possibly steal authentication information via multiple attack vectors, including the mailbox parameter in compose.php.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2004-0519	Version:	3
Platform(s):	Red Hat Enterprise Linux 3	Product(s):	SquirrelMail
Definition Synopsis:
Software section Red Hat Enterprise 3 is installed AND squirrelmail rpm version prior to 1.4.3-0.e3.1 is installed AND php rpm is installed AND Configuration section httpd is listening on the network AND /etc/httpd/modules/libphp4.so exists