You are here

CVE-2010-4554

Vincent (CVE) Danen's picture
functions/page_header.php in SquirrelMail 1.4.21 and earlier does not prevent page rendering inside a frame in a third-party HTML document, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site.

Details Source

Mitre

Public Date

2011-07-12 00:00:00

Impact

Low

Bugzilla

CVE-2010-4554 SquirrelMail: Prone to clickjacking attacks

Bugzilla ID

720 693

CVSS Status

verified

Base Score

4.30

Base Metrics

AV:N/AC:M/Au:N/C:N/I:N/A:P

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 5 (squirrelmail) RHSA-2012:0103 2012-02-08
Red Hat Enterprise Linux 4 (squirrelmail) RHSA-2012:0103 2012-02-08