← Back to branch summary

~ubuntu-security/ubuntu-cve-tracker/master

« back to all changes in this revision

Viewing changes to retired/CVE-2011-2023

  • Committer: Steve Beattie
  • Date: 2019-02-19 06:18:27 UTC
  • Revision ID: sbeattie@ubuntu.com-20190219061827-oh57fzcfc1u9dlfk
The ubuntu-cve-tracker project has been converted to git.

Please use 'git clone https://git.launchpad.net/ubuntu-cve-tracker' to
get the converted tree.

Show diffs side-by-side

added added

removed removed

Lines of Context:
retired/CVE-2011-2023
1
 
Candidate: CVE-2011-2023
2
 
PublicDate: 2011-07-14
3
 
References:
4
 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2023
5
 
 http://www.squirrelmail.org/security/issue/2011-07-10
6
 
Description:
7
 
 Cross-site scripting (XSS) vulnerability in functions/mime.php in
8
 
 SquirrelMail before 1.4.22 allows remote attackers to inject arbitrary web
9
 
 script or HTML via a crafted STYLE element in an e-mail message.
10
 
Ubuntu-Description:
11
 
Notes:
12
 
Bugs:
13
 
Priority: low
14
 
Discovered-by:
15
 
Assigned-to:
16
 
 
17
 
Patches_squirrelmail:
18
 
 upstream: http://squirrelmail.svn.sourceforge.net/viewvc/squirrelmail/branches/SM-1_4-STABLE/squirrelmail/functions/mime.php?view=patch&r1=14133&r2=14120&pathrev=14133
19
 
upstream_squirrelmail: released (1.4.22)
20
 
hardy_squirrelmail: ignored (reached end-of-life)
21
 
lucid_squirrelmail: ignored (reached end-of-life)
22
 
maverick_squirrelmail: ignored (reached end-of-life)
23
 
natty_squirrelmail: ignored (reached end-of-life)
24
 
oneiric_squirrelmail: not-affected (2:1.4.22-1)
25
 
precise_squirrelmail: not-affected (2:1.4.22-1)
26
 
quantal_squirrelmail: not-affected (2:1.4.22-1)
27
 
raring_squirrelmail: not-affected (2:1.4.22-1)
28
 
saucy_squirrelmail: not-affected (2:1.4.22-1)
29
 
devel_squirrelmail: not-affected (2:1.4.22-1)