Home > Vulnerability Database > CVE-2006-4019

Mend.io Vulnerability Database

CVE-2006-4019

Date: August 11, 2006

Dynamic variable evaluation vulnerability in compose.php in SquirrelMail 1.4.0 to 1.4.7 allows remote attackers to overwrite arbitrary program variables and read or write the attachments and preferences of other users.

Severity Score

6.5

Related Resources (31)

Url: http://www.securityfocus.com/bid/19486

Url: http://www.osvdb.org/27917

Url: http://docs.info.apple.com/article.html?artnum=306172

Url: http://marc.info/?l=full-disclosure&m=115532449024178&w=2

Url: http://www.debian.org/security/2006/dsa-1154

Url: http://www.vupen.com/english/advisories/2006/3271

Url: http://www.novell.com/linux/security/advisories/2006_23_sr.html

Url: http://secunia.com/advisories/22104

Url: http://attrition.org/pipermail/vim/2006-August/000970.html

Url: http://www.squirrelmail.org/patches/sqm1.4.7-expired-post-fix-full.patch

Url: http://secunia.com/advisories/22487

Url: http://secunia.com/advisories/21354

Url: http://secunia.com/advisories/22080

Url: http://www.securityfocus.com/bid/25159

Url: http://lists.apple.com/archives/security-announce//2007/Jul/msg00004.html

Url: https://issues.rpath.com/browse/RPL-577

Url: http://securitytracker.com/id?1016689

Url: http://secunia.com/advisories/21444

Url: ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc

Url: http://secunia.com/advisories/21586

Url: http://www.securityfocus.com/archive/1/442980/100/0/threaded

Url: http://www.vupen.com/english/advisories/2007/2732

Url: http://www.securityfocus.com/archive/1/442993/100/0/threaded

Url: https://nvd.nist.gov/vuln/detail/CVE-2006-4019

Url: https://exchange.xforce.ibmcloud.com/vulnerabilities/28365

Url: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11533

Url: http://www.mandriva.com/security/advisories?name=MDKSA-2006:147

Url: http://www.squirrelmail.org/security/issue/2006-08-11

Url: http://www.redhat.com/support/errata/RHSA-2006-0668.html

Url: http://secunia.com/advisories/26235

Url: https://www.mend.io/vulnerability-database/CVE-2006-4019

Severity Score

6.5

CVSS v3.1

Base Score:	6.5
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	NONE

CVSS v2

Base Score:	6.4
Access Vector (AV):	NETWORK
Access Complexity (AC):	LOW
Authentication (AU):	NONE
Confidentiality (C):	PARTIAL
Integrity (I):	PARTIAL
Availability (A):	NONE
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2006-4019

Date: August 11, 2006

Severity Score

Related Resources (31)

Severity Score

CVSS v3.1

CVSS v2

Do you need more information?