GCVE - cpe:2.3:a:squirrelmail:imap_general.php:1.2.2:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:squirrelmail:imap_general.php:1.2.2:*:*:*:*:*:*:*

part: a version: 1.2.2 update: *

Vendor	Squirrelmail (`53f64d69-42c3-5c49-8690-e66c5b6ca053`)
Product	Imap General.Php (`0f00dcf6-fe8e-5a05-8cdc-9bd9502c7994`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2009-1381`	vulnerable	2026-06-08 04:51:22.508014	Details available The map_yp_alias function in functions/imap_general.php in SquirrelMail before 1.4.19-1 on Debian GNU/Linux, and possibly other operating systems and versions, allows remote attackers to execute arbitrary commands via shell metacharacters in a username string that is used by the ypmatch program. NOTE: this issue exists because of an incomplete fix for CVE-2009-1579. Published: 2009-05-22T20:00:00.000Z Updated: 2024-08-07T05:13:25.559Z Open on db.gcve.eu Reference links http://secunia.com/advisories/35140 https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01202.html http://www.securityfocus.com/archive/1/503718/100/0/threaded http://www.mandriva.com/security/advisories?name=MDVSA-2009:122 http://release.debian.org/proposed-updates/stable_diffs/squirrelmail_1.4.15-4+lenny2.debdiff	Imported from gcve-enriched-dumps CVE data

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.