SquirrelMail contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate user-supplied input to the decodeHeader() function in mime.php. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.

Currently, there are no known workarounds or upgrades to correct this issue. However, the SquirrelMail Project Team has released a patch to address this vulnerability.

• Security Tracker: 1012169
• Secunia Advisory ID: 13155 13221 13323 13342 13658
• ISS X-Force ID: 18031
• CVE ID: 2004-1036 (see also: NVD)
• Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2004-11/0129.html
• Vendor Specific Advisory URL: http://article.gmane.org/gmane.mail.squirrelmail.user/21169
  http://docs.info.apple.com/article.html?artnum=300770
  http://www.gentoo.org/security/en/glsa/glsa-200411-25.xml
• Other Advisory URL: http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=000905
• Vendor URL: http://www.squirrelmail.org/
• RedHat RHSA: RHSA-2004:654

• Joost Pol - joostpine.nl -