CyberSec.Space Logo
CVEブラウザに戻る

CVE-2003-0990

HIGH
7.5
CVSS Severity Score
EPSS Score0.0870%
EPSS Percentile37.17th
Published2004年1月20日
Last Modified2026年4月16日

Vulnerability Description

The parseAddress code in (1) SquirrelMail 1.4.0 and (2) GPG Plugin 1.1 allows remote attackers to execute commands via shell metacharacters in the "To:" field.

Affected Platforms (CPE)

No CPE configurations currently published for this record.

References & Advisories

🔗 http://marc.info/?l=bugtraq&m=107247236124180&w=2
🔗 http://www.bugtraq.org/advisories/_BSSADV-0001.txt
🔗 http://www.securityfocus.com/archive/1/348366
🔗 http://www.securityfocus.com/bid/9296
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/14079
🔗 http://marc.info/?l=bugtraq&m=107247236124180&w=2
🔗 http://www.bugtraq.org/advisories/_BSSADV-0001.txt
🔗 http://www.securityfocus.com/archive/1/348366

関連する脆弱性情報

CVE-2003-071510.0

Heap-based buffer overflow in the Distributed Component Object Model (DCOM) interface in the RPCSS Service allows remote attackers...

CVE-2003-030410.0

one||zero (aka One or Zero) Helpdesk 1.4 rc4 allows remote attackers to create administrator accounts by directly calling the inst...

CVE-2003-019610.0

Multiple buffer overflows in Samba before 2.2.8a may allow remote attackers to execute arbitrary code or cause a denial of service...

CVE-2003-109010.0

Buffer overflow in AbsoluteTelnet before 2.12 RC10 allows remote attackers to execute arbitrary code via a long window title.