Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 20/01/2004 Updated: 11/07/2017

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 755

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

The parseAddress code in (1) SquirrelMail 1.4.0 and (2) GPG Plugin 1.1 allows remote malicious users to execute commands via shell metacharacters in the "To:" field.

Vulnerable Product	Search on Vulmon	Subscribe to Product

## # $Id: squirrelmail_pgp_pluginrb 10148 2010-08-25 20:31:46Z egypt $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # Framework web site for more information on licensing and terms of use # metasploitcom/framework/ ## require 'msf/core ...

NVD-CWE-Other http://www.securityfocus.com/archive/1/348366 http://www.securityfocus.com/bid/9296 http://www.bugtraq.org/advisories/_BSSADV-0001.txt http://marc.info/?l=bugtraq&m=107247236124180&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/14079 https://nvd.nist.gov https://www.exploit-db.com/exploits/16888/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2003-0990

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect