Candidate: CVE-2010-4554
PublicDate: 2011-07-14 23:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4554
 http://www.squirrelmail.org/security/issue/2011-07-12
Description:
 functions/page_header.php in SquirrelMail 1.4.21 and earlier does not
 prevent page rendering inside a frame in a third-party HTML document, which
 makes it easier for remote attackers to conduct clickjacking attacks via a
 crafted web site.
Ubuntu-Description:
Notes:
Bugs:
Priority: low
Discovered-by:
Assigned-to:
CVSS: 

Patches_squirrelmail:
 upstream: http://squirrelmail.svn.sourceforge.net/viewvc/squirrelmail/branches/SM-1_4-STABLE/squirrelmail/functions/page_header.php?view=patch&r1=14117&r2=14116&pathrev=14117
upstream_squirrelmail: released (1.4.22)
hardy_squirrelmail: ignored (reached end-of-life)
lucid_squirrelmail: ignored (reached end-of-life)
maverick_squirrelmail: ignored (reached end-of-life)
natty_squirrelmail: ignored (reached end-of-life)
oneiric_squirrelmail: not-affected (2:1.4.22-1)
precise_squirrelmail: not-affected (2:1.4.22-1)
quantal_squirrelmail: not-affected (2:1.4.22-1)
raring_squirrelmail: not-affected (2:1.4.22-1)
saucy_squirrelmail: not-affected (2:1.4.22-1)
devel_squirrelmail: not-affected (2:1.4.22-1)