CVE-2007-6348 Information

Description

SquirrelMail 1.4.11 and 1.4.12 as distributed on sourceforge.net before 20071213 has been externally modified to create a Trojan Horse that introduces a PHP remote file inclusion vulnerability which allows remote attackers to execute arbitrary code.

Reference

http://marc.info/?l=bugtraq&m=119765643909825&w=2 http://marc.info/?l=squirrelmail-devel&m=119756462212214&w=2 http://marc.info/?l=squirrelmail-devel&m=119765235203392&w=2 http://osvdb.org/42633 http://secunia.com/advisories/28095 http://www.securityfocus.com/archive/1/485037/100/0/threaded http://www.squirrelmail.org/index.php