FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

"Content-Type" XSS vulnerability affecting other webmail systems

Affected packages
openwebmail <= 2.32
ilohamail < 0.8.13

Details

VuXML ID c5519420-cec2-11d8-8898-000d6111a684
Discovery 2004-05-29
Entry 2004-07-05

Roman Medina-Heigl Hernandez did a survey which other webmail systems where vulnerable to a bug he discovered in SquirrelMail. This advisory summarizes the results.

References

CVE Name CVE-2004-0519
URL http://www.freebsd.org/ports/portaudit/89a0de27-bf66-11d8-a252-02e0185c0b53.html
URL http://www.freebsd.org/ports/portaudit/911f1b19-bd20-11d8-84f9-000bdb1444a4.html
URL http://www.freebsd.org/ports/portaudit/c3e56efa-c42f-11d8-864c-02e0185c0b53.html
URL http://www.rs-labs.com/adv/RS-Labs-Advisory-2004-2.txt