1.4.12 and 1.4.11 Package Compromise
- The SquirrelMail packages of 1.4.12 and 1.4.11 were externally modified after release through a cracked sourceforge.net developer account. The inserted code can allow for remote PHP code execution in many environments. Updated packages have been published as well as a 1.4.13 version to solve any confustion.
- Affected Versions:
- Register Globals:
- Register_globals does not have to be on for this issue.
- CVE ID(s):
- This page last updated:
- 2007-12-15 10:15:00