Candidate: CVE-2009-1581
PublicDate: 2009-05-14 17:30:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1581
Description:
 functions/mime.php in SquirrelMail before 1.4.18 does not protect the
 application's content from Cascading Style Sheets (CSS) positioning in HTML
 e-mail messages, which allows remote attackers to spoof the user interface,
 and conduct cross-site scripting (XSS) and phishing attacks, via a crafted
 message.
Ubuntu-Description:
Notes:
Bugs:
 https://bugs.launchpad.net/bugs/375513
Priority: low
Discovered-by:
Assigned-to:
CVSS: 

Patches_squirrelmail:
 debdiff: https://bugs.launchpad.net/bugs/375513
upstream_squirrelmail: released (1.4.18)
dapper_squirrelmail: ignored (reached end-of-life)
hardy_squirrelmail: released (2:1.4.13-2ubuntu1.3)
intrepid_squirrelmail: released (2:1.4.15-3ubuntu0.2)
jaunty_squirrelmail: released (2:1.4.15-4ubuntu0.1)
karmic_squirrelmail: not-affected
devel_squirrelmail: not-affected