PublicDate: 2006-02-24 00:02:00 UTC
Candidate: CVE-2006-0195
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0195
Description:
 Interpretation conflict in the MagicHTML filter in SquirrelMail 1.4.0 to
 1.4.5 allows remote attackers to conduct cross-site scripting (XSS) attacks
 via style sheet specifiers with invalid (1) "/*" and "*/" comments, or (2)
 a newline in a "url" specifier, which is processed by certain web browsers
 including Internet Explorer.
Ubuntu-Description:
Notes:
Priority: untriaged
Discovered-by:
Assigned-to:
CVSS:

Bugs:
dapper_squirrelmail: released (1.4.6-1ubuntu0.1)
edgy_squirrelmail: released (1.4.8-1ubuntu0.1)
feisty_squirrelmail: released (1.4.9a-1ubuntu0.1)
devel_squirrelmail: released (1.4.10a-2)
upstream_squirrelmail: needs-triage