Launchpad CVE tracker

CVE 2006-4019

Dynamic variable evaluation vulnerability in compose.php in SquirrelMail 1.4.0 to 1.4.7 allows remote attackers to overwrite arbitrary program variables and read or write the attachments and preferences of other users.

Related bugs and status

CVE-2006-4019 (Candidate) is related to these bugs:

Bug #57195: [CVE-2006-4019] squirrelmail -- variable overwriting

		In	Importance	Status
57195	[CVE-2006-4019] squirrelmail -- variable overwriting	squirrelmail (Ubuntu)	High	Fix Released
57195	[CVE-2006-4019] squirrelmail -- variable overwriting	squirrelmail (Debian)	Unknown	Fix Released
57195	[CVE-2006-4019] squirrelmail -- variable overwriting	squirrelmail (Ubuntu Breezy)	Undecided	Invalid
57195	[CVE-2006-4019] squirrelmail -- variable overwriting	squirrelmail (Ubuntu Dapper)	Undecided	Fix Released

Bug #115149: Please backport for squirrelmail from gutsy to dapper, edgy, and feisty

		In	Importance	Status
115149	Please backport for squirrelmail from gutsy to dapper, edgy, and feisty	Dapper Backports	Wishlist	Fix Released
115149	Please backport for squirrelmail from gutsy to dapper, edgy, and feisty	Edgy Backports	Wishlist	Fix Released
115149	Please backport for squirrelmail from gutsy to dapper, edgy, and feisty	Feisty Backports	Wishlist	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2006-4019

References