oval:org.mitre.oval:def:1012

Definition Id: oval:org.mitre.oval:def:1012

Oval ID:	oval:org.mitre.oval:def:1012
Title:	SquirrelMail Cross-site Scripting Vulnerability II
Description:	Cross-site scripting (XSS) vulnerability in mime.php for SquirrelMail before 1.4.3 allows remote attackers to insert arbitrary HTML and script via the content-type mail header, as demonstrated using read_body.php.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2004-0520	Version:	3
Platform(s):	Red Hat Enterprise Linux 3	Product(s):	SquirrelMail
Definition Synopsis:
Software section Red Hat Enterprise 3 is installed AND squirrelmail rpm version prior to 1.4.3-0.e3.1 is installed AND php rpm is installed AND Configuration section httpd is listening on the network AND /etc/httpd/modules/libphp4.so exists