CVE-2012-4667 Information
Description
Multiple cross-site scripting (XSS) vulnerabilities in SquidClamav 5.x before 5.8 allow remote attackers to inject arbitrary web script or HTML via the (1) url (2) virus (3) source or (4) user parameter to (a) clwarn.cgi (b) clwarn.cgi.de_DE (c) clwarn.cgi.en_EN (d) clwarn.cgi.fr_FR (e) clwarn.cgi.pt_BR or (f) clwarn.cgi.ru_RU in cgi-bin/.
Reference
http://freecode.com/projects/squidclamav/releases/346722 http://squidclamav.darold.net/news.html http://www.openwall.com/lists/oss-security/2012/08/16/2 http://www.openwall.com/lists/oss-security/2012/08/16/4 http://www.openwall.com/lists/oss-security/2012/08/25/1 Multiple cross-site scripting (XSS) vulnerabilities in SquidClamav 5.x before 5.8 allow remote attackers to inject arbitrary web script or HTML via the (1) url (2) virus (3) source or (4) user parameter to (a) clwarn.cgi (b) clwarn.cgi.de_DE (c) clwarn.cgi.en_EN (d) clwarn.cgi.fr_FR (e) clwarn.cgi.pt_BR or (f) clwarn.cgi.ru_RU in cgi-bin/.
Share on: