>> Gentoo Security Update Fixes SquirrelMail Cross Site Scripting
Title : Gentoo Security Update Fixes SquirrelMail Cross Site Scripting VUPEN ID : VUPEN/ADV-2005-0831 CVE ID : CVE-2005-1769 CWE ID : CWE-
Rated as : Moderate Risk
Remotely Exploitable : Yes Locally Exploitable : Yes Release Date : 2005-06-22
Technical Description
Gentoo has released a security patch to correct several vulnerabilities identified in SquirrelMail. These flaws are due to input validation errors when handling specially crafted parameters, which could be exploited to cause arbitrary scripting code to be executed by the user's browser via either URL manipulation or by sending a specially crafted email to a victim. For additional information, see : VUPEN/ADV-2005-0800
