Donations
News
About
Support
Screen shots
Download
Plugins
Documentation
Sponsors
Bounties
|
Security
Session fixation vulnerability
- Date:
- 2009-05-11
- Description:
- An issue was fixed that allowed an attacker to possibly steal user data by hijacking the SquirrelMail login session.
- Affected Versions:
- <= 1.4.17
- Register Globals:
- Register_globals does not have to be on for this issue.
- CVE id('s):
- CVE-2009-1580
- Patch:
- view patch
- Credits:
- Tomas Hoger
- This page last updated:
- 2009-05-11 00:00:00
|
